Unable to Block ads in https



  • I am using squidguard to block ads, and is working on http sites, but in https sites like youtube, I still able to see the ads, have you got any ideas of what I have to cofigure to deny ads also in https. thanks in advance



  • You need to man in the middle your HTTPS and make your network less secure. Totally worth it. But really, you can get probably the 80/20 rule by using  pfBlockerNG v2.0 w/DNSBL https://forum.pfsense.org/index.php?topic=102470.0

    If I sound a bit sarcastic, it's because the whole point of HTTPS is so that NO ONE can see or modify your traffic. What you're trying to do is at least see and possibly block or modify traffic.



  • Is this always of this way?. I remember that in my university youtube ads are blocked but I am still able to se the green https word, and I didn't install any certificate authority



  • There are a few possibilities that can explain what you saw

    1. Youtube was not HTTPS yet
    2. Youtube ads were not over HTTPS yet
    3. University was doing something similar to pfBlockerNG v2.0

    Summary: In order to block ads by inspecting the traffic, you have to man in the middle HTTPS. This may be the lesser of evils in some cases, but it is something very important to think about.  pfBlockerNG v2.0 can do this without inspecting traffic by messing with DNS or blocking IP addresses.


  • Moderator

    @Harvy66:

    There are a few possibilities that can explain what you saw

    1. University was doing something similar to pfBlockerNG v2.0

    In order to block ads by inspecting the traffic, you have to man in the middle HTTPS. This may be the lesser of evils in some cases, but it is something very important to think about.

    Just as a note, pfBlockerNG, is not really MITM for HTTPS. It would be more DNS sinkholing then anything. MITM is evil, and should never be done for content filtering… :)


Log in to reply