|
Title: No proxy on HTTPS - Please help Post by: ansolutions on Tuesday 29 December 2009, 08:48:50 am new to endian, and so far I'm impresssed. I'm having one issue I can't seem to figure out
when using either transparent or non-transparent, https traffic isn't getting blocked. for example. I'm testing using the following. blocking "" using content and url filter blocking facebook using custom blacklist Transparent http://www.playboy.com = blocked https://www.playboy.com = not blocked and page is viewable. same with facebook http://www.facebook.com = blocked https//www.facebook.com = not blocked Non Transparent using firefox http://www.facebook.com = blocked httpS://www.facebook.com = "The proxy server is refusing connections" http://www.playboy.com = blocked httpS://www.playboy.com = not blocked and page is viewable Anythoughts on what I'm doing wrong? Title: Re: No proxy on HTTPS - Please help Post by: mohsh86 on Tuesday 05 January 2010, 11:12:21 pm new to endian, and so far I'm impresssed. I'm having one issue I can't seem to figure out when using either transparent or non-transparent, https traffic isn't getting blocked. for example. I'm testing using the following. blocking "" using content and url filter blocking facebook using custom blacklist Transparent http://www.playboy.com = blocked https://www.playboy.com = not blocked and page is viewable. same with facebook http://www.facebook.com = blocked https//www.facebook.com = not blocked Non Transparent using firefox http://www.facebook.com = blocked httpS://www.facebook.com = "The proxy server is refusing connections" http://www.playboy.com = blocked httpS://www.playboy.com = not blocked and page is viewable Anythoughts on what I'm doing wrong? true, i've tried it too, transparent, http -> facebook.com is blocked, https -> facebook.com opens normally Title: Re: No proxy on HTTPS - Please help Post by: StephanSch on Wednesday 06 January 2010, 06:17:54 am It is called http-proxy!
Transparent mode does not support https because any webserver would block it as a "man-in-the-middle"-attack (http://en.wikipedia.org/wiki/Man-in-the-middle_attack (http://en.wikipedia.org/wiki/Man-in-the-middle_attack)) Title: Re: No proxy on HTTPS - Please help Post by: ansolutions on Wednesday 06 January 2010, 08:39:12 am true...I agree the content filtering shouldn't be able to take place, but URL blocking should still work with httpS.
Title: Re: No proxy on HTTPS - Please help Post by: satish on Friday 08 January 2010, 05:29:15 am I agreee, there should be a url blocking and url keyword blocking which looks into https as well
You could however, trick url/domains to be blocked by simply enabling dns proxy and pointing www.facebook.com's nameserver to something like a non existent nameserver ip Title: Re: No proxy on HTTPS - Please help Post by: satish on Saturday 09 January 2010, 02:58:57 am I tried something similar. I tried to point chatenabled.mail.google.com such that users are not able to use chat through google web interface. However, this has no effect once people login from https. Im still trying to figure out how its being resolved correctly.
|