Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Blocking HTTP & HTTPS request

    Scheduled Pinned Locked Moved Firewalling
    5 Posts 3 Posters 1.7k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • S
      Satyam Verma
      last edited by

      Hi,

      Scenario: To block Selected HTTPS URL's using PFSense Firewall or any Package like SQUID Guard or any other Package

      We are using PFSense Build 2.1 for Internet Distribution.We are using SQUID Guard package.

      We were able to block HTTP URL's but was not able to see any method by which we can block HTTPS URL's.

      Sincere Thanks,
      Satyam

      1 Reply Last reply Reply Quote 0
      • KOMK
        KOM
        last edited by

        1.  This question belongs in the Cache/Proxy forum.

        2.  To block HTTPS in transparent mode, you need to install the pfSense certificate onto every client that will use the proxy.  Since this is usually not practical, it is better to run squid in explicit mode and use WPAD to allow clients to auto-discover the proxy.  For those clients that don't support WPAD, they will have ot be manually configured.

        1 Reply Last reply Reply Quote 0
        • K
          killmasta93
          last edited by

          not to take over this thread but quick question, could squid also run as transparent proxy with WPAD working? or would that defeat the purpose? or would that be explicit proxy using only WPAD?

          Tutorials:

          https://www.mediafire.com/folder/v329emaz1e9ih/Tutorials

          1 Reply Last reply Reply Quote 0
          • S
            Satyam Verma
            last edited by

            @KOM:

            1.  This question belongs in the Cache/Proxy forum.

            2.  To block HTTPS in transparent mode, you need to install the pfSense certificate onto every client that will use the proxy.  Since this is usually not practical, it is better to run squid in explicit mode and use WPAD to allow clients to auto-discover the proxy.  For those clients that don't support WPAD, they will have ot be manually configured.

            I'm also tried to run squid in explicit mode but having no luck to block https request, Is their is any different package or anything other way in pfsense.

            1 Reply Last reply Reply Quote 0
            • S
              Satyam Verma
              last edited by

              @killmasta93:

              not to take over this thread but quick question, could squid also run as transparent proxy with WPAD working? or would that defeat the purpose? or would that be explicit proxy using only WPAD?

              Yes, it's working in transparent proxy.I'm notable to block https request but able to block http request.

              1 Reply Last reply Reply Quote 0
              • First post
                Last post
              Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.