Best way block facebook on https (port 443)



  • I have implemented squid server and squid filter successfully on pfsense 2.0.1.
    One of the intentions behind implementation of  squid proxy is to block facebook.
    I manage to block facebook that is running with (http) port 80, but  its possible access facebook using (https) port 443 .
    Can some please advise me best possible way to block facebook on hhtps.

    Cheers
    Asanka



  • haven't tried it but in the ACL black list try

    .*facebook.com:80
    

    It might work.



  • @asankaj2006:

    Can some please advise me best possible way to block facebook on hhtps.

    Are you using squid in transparente mode?



  • You can't do https filtering with Squid in transparent mode, you need to configure your clients to use it.



  • Yes I am  using squid in transparente mode.



  • @dhatz:

    You can't do https filtering with Squid in transparent mode, you need to configure your clients to use it.

    That is true … so I just added:

    .*facebook.com
    

    to the black list. I was blocked on port 80, but I was still allowed to access facebook on https.



  • You have to block using firewall rules.  We do block 443/HTTPS traffic to Facebook CIDR networks during regular office hours.

    For us, we block the following destination CIDR networks:

    69.63.176.0/20
    69.171.224.0/19
    63.135.80.0/20
    66.220.144.0/20
    65.201.208.24/29
    65.204.104.128/28
    74.119.76.0/22
    204.15.20.0/22
    173.252.64.0/18
    96.16.0.0/15


Log in to reply