Block all HTTPS traffic but allow HTTP traffic



  • My firewall has port 443 blocked, which blocks all HTTPS traffic, but it seems that users cannot access the sites using regular HTTP; I assume this is because of HSTS.

    How do I allow users to access the HTTP version of sites, but not the HTTPS version?

    If a firewall is blocking port 443, and a website is using HSTS, does that mean that users cannot access the site at all?

    Is the only way to fix this to modify browser settings?

    I don't need any assistance or commentary regarding the security flaws from such a configuration. I understand the implications.

    Trying to understand how HSTS and common browsers react when port 443 is blocked,

    Thanks.



  • I'm certainly not an HSTS expert.  But it seems to me if a site insists on HTTPS on port 443 then you are at their mercy.  Perhaps using a proxy would be a solution.



  • HSTS sites probably don't have an HTTP version. The whole point of HSTS is to not allow clients to access them over unsecure channels. The entire internet is moving towards HTTPS only. Good luck.

    At my work we don't have HTTP anymore. If you hit HTTP, you just get redirected to HTTPS. No HTTP supported.



  • i Need Help

    Lan

    tcp x.x.x.x:x5 <- x.x.x.x:51818 FIN_WAIT_x:FIN_WAIT_x 1x / 19 963 B / x KiB

    tcp x.x.x.x:x5 <- x.x.x.x:51819 FIN_WAIT_x:FIN_WAIT_x 1x / 19 963 B / x KiB tcp x.x.x.x:x5 <- x.x.x.x:518x0 FIN_WAIT_x:FIN_WAIT_x 1x / 19 963 B / x KiB

    tcp x.x.x.x:x5 <- x.x.x.x:518x1 FIN_WAIT_x:FIN_WAIT_x 1x / 19 963 B / x KiB tcp x.x.x.x:993 <- x.x.x.x:518xx TIME_WAIT:TIME_WAIT 7 / 6 505 B / 508 B

    tcp x.x.x.x:993 <- x.x.x.x:518x3 TIME_WAIT:TIME_WAIT 6 / 4 406 B / 3x7 B

    tcp x.x.x.x:993 <- x.x.x.x:518x4 TIME_WAIT:TIME_WAIT x / 1 9x B / 5x B

    tcp x.x.x.x:993 <- x.x.x.x:518x5 TIME_WAIT:TIME_WAIT 8 / 6 454 B / 4 KiB

    tcp x.x.x.x:993 <- x.x.x.x:518x6 TIME_WAIT:TIME_WAIT x / 1 9x B / 5x B tcp x.x.x.x:993 <- x.x.x.x:518x7 TIME_WAIT:TIME_WAIT x / 1 9x B / 5x B

    Problem With PFSense 2.3

    It block the Outlook with MS Exchange Server Connection

    Please somebody resolve the issue


Log in to reply