Best way block facebook on https (port 443)
-
I have implemented squid server and squid filter successfully on pfsense 2.0.1.
One of the intentions behind implementation of squid proxy is to block facebook.
I manage to block facebook that is running with (http) port 80, but its possible access facebook using (https) port 443 .
Can some please advise me best possible way to block facebook on hhtps.Cheers
Asanka -
haven't tried it but in the ACL black list try
.*facebook.com:80
It might work.
-
Can some please advise me best possible way to block facebook on hhtps.
Are you using squid in transparente mode?
-
You can't do https filtering with Squid in transparent mode, you need to configure your clients to use it.
-
Yes I am using squid in transparente mode.
-
You can't do https filtering with Squid in transparent mode, you need to configure your clients to use it.
That is true … so I just added:
.*facebook.com
to the black list. I was blocked on port 80, but I was still allowed to access facebook on https.
-
You have to block using firewall rules. We do block 443/HTTPS traffic to Facebook CIDR networks during regular office hours.
For us, we block the following destination CIDR networks:
69.63.176.0/20
69.171.224.0/19
63.135.80.0/20
66.220.144.0/20
65.201.208.24/29
65.204.104.128/28
74.119.76.0/22
204.15.20.0/22
173.252.64.0/18
96.16.0.0/15