Blocking port 443

  • Hello, I am a newbie. Here's my setup. I have blocked port 443 and port 80 on the firewall. I have Squid (without HTTPS proxy) installed. I have configured client PC's proxy settings. They can visit all the HTTPS and HTTP sites (except for the blocked ones). But I heard many times that blocking 443 is a very bad idea. I don't understand why. Even-thought the 443 is blocked on the inside, the traffic will still be encrypted right? or else the browsers will pop up security warnings right? Further, if I open up port 443 all the HTTPS sites will be accessible thought the firewall directly without going through the Squid, so I won't be able to block HTTPS sites. Please help me out with this.

Log in to reply