LinuxQuestions.org
Visit the LQ Articles and Editorials section
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Server
User Name
Password
Linux - Server This forum is for the discussion of Linux Software used in a server related context.

Notices

Reply
 
Search this Thread
Old 09-30-2011, 06:44 AM   #1
aliabbass
Member
 
Registered: Jun 2008
Posts: 57

Rep: Reputation: 0
squid server how to block https:www.website.com


hi. We are running squid stable 2.6 on centos and restrictions are based on mac addresses. There is one issue that i need to find solution of and that issue is how to block https sites. There are certain websites which are blocked using http, but they can be opened by https:website address e.g social websites and porn websites. Can anybody help on this issue
 
Old 09-30-2011, 07:02 AM   #2
ieth0
LQ Newbie
 
Registered: Sep 2011
Posts: 3

Rep: Reputation: Disabled
Quote:
Originally Posted by aliabbass View Post
hi. We are running squid stable 2.6 on centos and restrictions are based on mac addresses. There is one issue that i need to find solution of and that issue is how to block https sites. There are certain websites which are blocked using http, but they can be opened by https:website address e.g social websites and porn websites. Can anybody help on this issue
based on my knowledge you cant block https URL because the whole packet is encrypted, you could do two things:
1) block port 443 and use Layer7 matching for SSL/TLS packets and block them and allow certain trusted IPs on this port/L7-regex rule.
2) rate limit all connection on this port/L7 and just allow trusted ips to have full bandwidth ( like google , yahoo mail , etc ) this is the recommended way.
 
Old 10-01-2011, 02:11 AM   #3
aliabbass
Member
 
Registered: Jun 2008
Posts: 57

Original Poster
Rep: Reputation: 0
squid server how to block https:www.website.com

Thanks for the help.If ISI server on windows is able to block https traffic then how can there is no solution in squid for this vary problem. Actually i need to block one or two websites having https://www.website.com by simply implementing the restrications in squid configuraton.So if someone knows how to do that it will a lot of help
 
Old 10-01-2011, 03:10 AM   #4
ieth0
LQ Newbie
 
Registered: Sep 2011
Posts: 3

Rep: Reputation: Disabled
https protocol will encrypt hostname too , this is by design , until you dont have private keys you cant do MITM and decrypt the data.
check this out:
http://www.howtoforge.com/how-to-blo...with-safesquid
 
Old 10-01-2011, 01:45 PM   #5
ShanxT
Member
 
Registered: Apr 2007
Location: India
Distribution: Ubuntu 10.04, RHEL/Centos 5.x, Knoppix
Posts: 41

Rep: Reputation: 3
If your squid isn't a transparent proxy, add this to your squid.conf file:

Code:
acl SSL method CONNECT
If your squid is a transparent proxy, there is no easy way to do it. But it can be done.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
[SOLVED] unable to block https in squid Net_Spy Linux - Networking 42 02-23-2012 02:56 PM
How to block https sites through ACL in squid avi_tokade Linux - Newbie 5 04-12-2011 05:53 PM
unable to block all website except www.onlinesbi.com in squid nirmal1100 Linux - Newbie 0 03-30-2009 04:53 AM
How can I block HTTPS packets with iptables/Squid? sanjee Linux - Security 5 10-29-2008 04:52 PM


All times are GMT -5. The time now is 07:54 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration