How to block HTTPS facebook and other HTTPS websites?

General discussion about WFilter ICF features, problems, configuration issues etc.

Moderators: imfirewall, gengw2000

Iain123
Posts: 5
Joined: Tue Jan 19, 2010 10:44 pm

How to block HTTPS facebook and other HTTPS websites?

Postby Iain123 » Tue Nov 16, 2010 6:54 pm

Hope you can advise me on this.



Got the Web Filtering up and running at the Pic Mobert school and have run into one thing that I hope you can assist me on.



I have sites blocked via a blacklist entry such as:



*facebook*



You enter in http://www.facebook.com and the denial page comes up. Some of the students have found a work-a-round and by adding in an “s” so the URL now reads https://www.facebook.com this now loads up facebook and the denial page does not come up. They have by-passed the web filtering software on a few other sites as well by adding in the “s”.



I had assumed a blacklist entry using the *facebook* wild card would block any site with “facebook” in the address bar, but obviously not so.



I cannot block all secure sites as the business logs into secure sites for their on-line banking and on-line secure training courses.







I am not sure exactly the best approach to block this kind of user action?

gengw2000
Posts: 281
Joined: Mon Sep 07, 2009 11:11 pm

How to block HTTPS facebook and other HTTPS websites?

Postby gengw2000 » Tue Nov 16, 2010 7:03 pm

The "Website black/white list" can not block https websites.



You may enable the "HTTPS black/white list" to block https websites in the "Other" tab of a certain blocking level.



Iain123
Posts: 5
Joined: Tue Jan 19, 2010 10:44 pm

How to block HTTPS facebook and other HTTPS websites?

Postby Iain123 » Tue Nov 16, 2010 10:12 pm

Yes I saw that prior to contacting you and had tried the https backlist

option.



When I add in *facebook* to the https blacklist and try to access it via:

https://www.facebook.com

I do not get the default denial page but the IE white page as shown in the

attachment. So I figured I was doing something wrong with this approach as

expected the denial page to be displayed.

So the https blacklist does block the https website, but should not the

denial page be displayed?



Attached files

gengw2000
Posts: 281
Joined: Mon Sep 07, 2009 11:11 pm

How to block HTTPS facebook and other HTTPS websites?

Postby gengw2000 » Tue Nov 16, 2010 10:20 pm

Denial page is not supported for blocking HTTPS websites.



It is because HTTPS traffic is encrypted, we can not inject a denial page to an encrypted connection.


Return to “WFilter ICF”

Who is online

Users browsing this forum: No registered users and 30 guests