Blocking HTTP & HTTPS request


  • Hi,

    Scenario: To block Selected HTTPS URL's using PFSense Firewall or any Package like SQUID Guard or any other Package

    We are using PFSense Build 2.1 for Internet Distribution.We are using SQUID Guard package.

    We were able to block HTTP URL's but was not able to see any method by which we can block HTTPS URL's.

    Sincere Thanks,
    Satyam


  • 1.  This question belongs in the Cache/Proxy forum.

    2.  To block HTTPS in transparent mode, you need to install the pfSense certificate onto every client that will use the proxy.  Since this is usually not practical, it is better to run squid in explicit mode and use WPAD to allow clients to auto-discover the proxy.  For those clients that don't support WPAD, they will have ot be manually configured.


  • not to take over this thread but quick question, could squid also run as transparent proxy with WPAD working? or would that defeat the purpose? or would that be explicit proxy using only WPAD?


  • @KOM:

    1.  This question belongs in the Cache/Proxy forum.

    2.  To block HTTPS in transparent mode, you need to install the pfSense certificate onto every client that will use the proxy.  Since this is usually not practical, it is better to run squid in explicit mode and use WPAD to allow clients to auto-discover the proxy.  For those clients that don't support WPAD, they will have ot be manually configured.

    I'm also tried to run squid in explicit mode but having no luck to block https request, Is their is any different package or anything other way in pfsense.


  • @killmasta93:

    not to take over this thread but quick question, could squid also run as transparent proxy with WPAD working? or would that defeat the purpose? or would that be explicit proxy using only WPAD?

    Yes, it's working in transparent proxy.I'm notable to block https request but able to block http request.