Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    [squidguard] safesearch rewrite redirects http but not https

    Cache/Proxy
    2
    4
    744
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • K
      kpoman last edited by

      Hi all,
      I configured squid which works well for intercepting http + https (splice all).
      I configured squidguard blacklists, etc. and it works fine.
      I tried to set up safesearch squidguard-based on url rewrites, and it seems to work with http (redirects appending safe=on at the end of the url), but not for https.

      example:
      good: http://www.google.com.br/search?q=blabla => https://www.google.com.br/search?q=blabla&gws_rd=ssl&safe=on
      bad: https://www.google.com.br/search?q=blabla => https://www.google.com.br/search?q=blabla

      My rule is as follows:
      target url: (google..*/search?.q=.)
      replace to url: \1&safe=on
      opt: no case

      Help much appreciated.

      1 Reply Last reply Reply Quote 0
      • S
        sichent Banned last edited by

        "Splice all" means do not decrypt. In this case your redirector will only see google.com (from SNI) - not the whole URL you try to rewrite.

        1 Reply Last reply Reply Quote 0
        • K
          kpoman last edited by

          The problem is that bumping give an error: "This site uses HTTP Strict Transport Security (HSTS)".

          1 Reply Last reply Reply Quote 0
          • S
            sichent Banned last edited by

            You cannot just redirect HTTPS unfortunately. Might have more luck with actually changing contents - like https://docs.diladele.com/tutorials/filtering_https_traffic_squid_pfsense/index.html (not verified with transparent intercept option like you desire).

            1 Reply Last reply Reply Quote 0
            • First post
              Last post

            Products

            • Platform Overview
            • TNSR
            • pfSense
            • Appliances

            Services

            • Training
            • Professional Services

            Support

            • Subscription Plans
            • Contact Support
            • Product Lifecycle
            • Documentation

            News

            • Media Coverage
            • Press
            • Events

            Resources

            • Blog
            • FAQ
            • Find a Partner
            • Resource Library
            • Security Information

            Company

            • About Us
            • Careers
            • Partners
            • Contact Us
            • Legal
            Our Mission

            We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

            Subscribe to our Newsletter

            Product information, software announcements, and special offers. See our newsletter archive to sign up for future newsletters and to read past announcements.

            © 2021 Rubicon Communications, LLC | Privacy Policy