Security Basics mailing list archives

Re: blocking https

From: Miguel Bolanos <miguel () hostarica com>
Date: Thu, 08 Dec 2005 16:02:10 -0600

Greetings,

If you want to block https completely just block port tcp 443 on your
firewall rulez.
If you just want to keep your users away from accessing a site, lets say
in your case "gmail.com" then you want to add to your squid.conf
something like this:

acl all src 0.0.0.0/0.0.0.0
http_access deny all gmail.com

Then again you might want to have a full list of sites to restrict, so
maybe the following can work better for you:

acl all src 0.0.0.0/0.0.0.0
acl denied_urls url_regex "/etc/squid/denied_urls"
http_access deny all denied_urls

Where you would add one url per line on ur /etc/squid/denied_urls
hope this works for you.

regards

Miguel.
ilaiy wrote:

Blocking https you would need to block traffic flowing to 443. Why
would you want to block https traffic

./thanks
ilaiy

On 12/7/05, muruganandam_c () sifycorp com <muruganandam_c () sifycorp com> wrote:

hi,

i wnat to block https site like gmail.com.how do i do that.in squid it is possible.how do i that.

Thanks,

Regards,
C.Murugannadam

Current thread:

blocking https muruganandam_c (Dec 07)
- RE: blocking https Ramki B (Dec 08)
- Re: blocking https ilaiy (Dec 08)
  - Re: blocking https Miguel Bolanos (Dec 12)
  - Re: blocking https Miguel Bolanos (Dec 12)
- Re: blocking https rvenne (Dec 08)
- <Possible follow-ups>
- RE: blocking https Mike Fetherston (Dec 08)
  - Message not available
    - RE: blocking https jim (Dec 09)
- Re: blocking https rvenne (Dec 09)
- RE: blocking https Mike Fetherston (Dec 09)