LinuxQuestions.org


klauriens 05-31-2012 08:09 AM

Blacklist a page inside a whitelisted website
 
Hi,

We are using Squid as a proxy. We are whitelisting sites and the rest are denied. I need help in blacklisting a certain webpage or section inside a whitelisted website. Say we whitelisted "www.myweb.com". I need to allow all its content except "www.myweb.com/denyme".

Thanks a lot

bathory 05-31-2012 08:41 AM

Hi,

You can use:
Code:

acl denyme url_regex -i ^http://www.myweb.com/denyme
...
## put the following before the ACL allowing access to http://www.myweb.com
http_access deny denyme
...

Regards

klauriens 06-20-2012 10:20 AM

Hi,

Sorry for the late reply on this. I have tried your suggestion but it still doesn't work. Our Linux system was set up in such a way that we only define what to whitelist and the rest is blacklisted. That is why I think blacklisting doesn't apply to our system.
What do you think of that? Is there any other way to block that webpage?

Thanks,

bathory 07-02-2012 05:59 PM

What happens if you put the "http_access deny denyme" before any other "http_access ..." directive?
If it still doesn't work, you could post squid.conf, so we can better understand your ACLs.

klauriens 07-09-2012 08:33 AM

Hi, please bear with me. Here is the code. I don't really know from where to where I should copy and post here, but the lines below are the only ones that I play around with.

#
http_access allow localhost

acl managers src "/etc/squid/managers"
acl whitelist dstdomain -i "/etc/squid/whitelist"
acl youtubelink url_regex -i "/etc/squid/youtubelinks"

http_access allow managers
http_access allow whitelist all
http_access allow youtubelink all

http_access deny all
#

Thanks,

bathory 07-09-2012 09:52 AM

Ok
Put the acl from post #2 along with the others and the "http_access deny .." before any "http_access allow ..."
E.g.
Code:

#
http_access allow localhost

acl managers src "/etc/squid/managers"
acl whitelist dstdomain -i "/etc/squid/whitelist"
acl youtubelink url_regex -i "/etc/squid/youtubelinks"
acl denyme url_regex -i ^http://www.myweb.com/denyme

http_access deny denyme
http_access allow managers
http_access allow whitelist all
http_access allow youtubelink all

http_access deny all
#

Note that the "http_access .." directives are read from top to bottom, so if for example you want to allow access to the denyme URL for your managers, you should move the "http_access allow managers" before the one denying access to it.

klauriens 07-10-2012 11:06 AM

Thanks bathory but it is still not working.

Here is my current code:
#
http_access allow localhost

acl managers src "/etc/squid/managers"
acl whitelist dstdomain -i "/etc/squid/whitelist"
acl youtubelink url_regex -i "/etc/squid/youtubelinks"
acl denyme url_regex -i ^https://test.myweb.com/denyme.aspx

http_access deny denyme
http_access allow managers
http_access allow whitelist all
http_access allow youtubelink all

http_access deny all
#

Notice that I changed the URL to: https://test.myweb.com/denyme.aspx
That is because that's the format of the actual URL. I'm sorry I didn't mention it earlier; I was thinking there was no such difference.

I am whitelisting "test.myweb.com" inside the "whitelist" acl so that everything under test.myweb.com will be whitelisted except for "test.myweb.com/denyme.aspx", which I want to blacklist.
Inside the "whitelist" acl, we don't define whether it is "http" or "https", so when we put "test.myweb.com", it is whitelisted whether it is https or http only.

Please help me out.

Thanks,
LA

bathory 07-10-2012 06:48 PM

Quote:

That is because that's the format of the actual URL. I'm sorry I didn't mention it earlier; I was thinking there was no such difference.
Unfortunately it makes a big difference.
When you use squid to access an SSL site, you can block the entire site, but not a specific url of that site, because the url is transferred encrypted. Thus you can use:
Code:

acl denyme dstdomain test.myweb.com
acl CONNECT method CONNECT
http_access deny CONNECT denyme

But not
Code:

acl denyme url_regex -i ^https://test.myweb.com/denyme.aspx
acl CONNECT method CONNECT
http_access deny CONNECT denyme

Quote:

Inside the "whitelist" acl, we don't define whether it is "http" or "https", so when we put "test.myweb.com", it is whitelisted whether it is https or http only.
I guess you can still access a https site that is not in the whitelist file.
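
Added example (not part of any post in this thread, and not Squid's own code): a small Python model of the two points made above, that http_access rules are evaluated top to bottom with the first match deciding, and that for HTTPS a forwarding proxy only sees `CONNECT host:port`, so a url_regex on the path never matches. The whitelist contents, the `denysite` ACL name and the pattern covering both schemes are constructed for illustration; the model assumes a plain forwarding proxy that tunnels HTTPS via CONNECT.

```python
import re

# Simplified model of http_access evaluation: an illustration, not Squid's code.
# A request is (method, url). For CONNECT the proxy sees only "host:port".

def host_of(method, url):
    if method == "CONNECT":
        return url.rsplit(":", 1)[0].lower()
    rest = re.sub(r"^[a-z]+://", "", url, flags=re.I)
    return rest.split("/", 1)[0].split(":")[0].lower()

def make_acls(deny_pattern, deny_domain, whitelist):
    rx = re.compile(deny_pattern, re.I)          # url_regex -i
    return {
        "all": lambda m, u: True,
        "CONNECT": lambda m, u: m == "CONNECT",  # method CONNECT
        "whitelist": lambda m, u: host_of(m, u) in whitelist,   # dstdomain
        "denyme": lambda m, u: rx.search(u) is not None,        # url_regex
        "denysite": lambda m, u: host_of(m, u) == deny_domain,  # dstdomain
    }

def evaluate(rules, acls, method, url):
    """The first rule whose ACLs all match decides; later rules are not read."""
    for action, names in rules:
        if all(acls[name](method, url) for name in names):
            return action
    return "deny"  # not reached below: every rule list ends with "deny all"

# Constructed sample data: whitelist contents and a pattern covering both schemes.
ACLS = make_acls(r"^https?://test\.myweb\.com/denyme\.aspx",
                 "test.myweb.com", {"test.myweb.com"})
ALLOW, DENY_ALL = ("allow", ["whitelist", "all"]), ("deny", ["all"])
DENY_FIRST = [("deny", ["denyme"]), ALLOW, DENY_ALL]
DENY_LATE = [ALLOW, ("deny", ["denyme"]), DENY_ALL]
BLOCK_SITE = [("deny", ["CONNECT", "denysite"]), ALLOW, DENY_ALL]

PAGE = "http://test.myweb.com/denyme.aspx"
TUNNEL = "test.myweb.com:443"   # what the proxy sees for https://test.myweb.com/denyme.aspx

if __name__ == "__main__":
    print(evaluate(DENY_FIRST, ACLS, "GET", PAGE))        # plain HTTP, deny placed first
    print(evaluate(DENY_LATE, ACLS, "GET", PAGE))         # whitelist rule wins first
    print(evaluate(DENY_FIRST, ACLS, "CONNECT", TUNNEL))  # regex has no path to match
    print(evaluate(BLOCK_SITE, ACLS, "CONNECT", TUNNEL))  # whole-site block still works
```
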

klauriens 07-11-2012 07:38 AM

Hi bathory,

I see. That is also what I was thinking, which is why I posted a new thread on Jul 4th. http://www.linuxquestions.org/questi...80#post4719080

We cannot access an https site if it is not inside the "whitelist" file because it seems that we have blocked the SSL ports.

That means we can never block a certain URL inside a site. Please confirm. Is there no other workaround?
If there is none, then that would be the end of it and I will immediately inform my supers.

Thanks,
LA

bathory 07-11-2012 09:20 AM

Quote:

That means we can never block a certain URL inside a site. Please confirm. Is there no other workaround?
AFAIK there is no way to block specific URLs inside a https site. You may see this for an explanation

Regards

