Squid Https blocking
-
Hello, i am running Squid/Squidguard with good result. My problem is that is is not blocking Https.
Squid is blocking mail.yahoo.com but it is letting pass https://mail.yahoo.comI found this tread but no solution
http://forum.pfsense.org/index.php/topic,11174.0.htmlAnny help?
-
Good find - we're seeing this too. Hopefully someone else can find a solution, it seems like we will just need to include 443 in the transparent redirect in squid.inc. Can someone with pf knowledge help us add that rule?
-
Any update on this?
-
You can't control HTTPS traffic that way (there is no way to see what URL you're going to, it's encrypted). You need to use firewall rules to control HTTPS. The Squid package doesn't do anything with HTTPS, it can't be cached and it can't be controlled by URL because that's all encrypted, so it doesn't touch it.
-
"You need to use firewall rules to control HTTPS"
Can you tell us how ;)
-
If you just want to disallow all HTTPS traffic use a block rule for HTTPS (port: 443).
-
not exactly, if think it is more complicated than that.
If you block 443 people wont be able to go to legitimate site not block by squid.
Esoft seems to be able to do it and i tough that Squid was more powerful solution.