- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
cannot block HTTPS by policy
Hi all, i'm trying to create a rules to block HTTPS sites by policy for a specific workstation.
If i specify an HTTP site it would work, but not https.
See attached screenshot.
Thanks in advance!
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
hi ,World you try to use "web filter"?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
You need to decrypt the traffic go see the actual request. HTTPS would indicate security.
Ken
PCNSE
NSE
StrongSwan
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
@kuemacn: webfilter itself coan only block (or no block) urls but not protocols. It don't care if you do https or http or whatever. You might have to use either url filter with a block https://* rule or do it via ssl (deep) inspection to decrypt the traffic.
--
"It is a mistake to think you can solve any major problems just with potatoes." - Douglas Adams
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
@OP
Considering that most sites are encrypted these day, I must ask why do you want to block HTTPS? Also, some sites (especially Google related) may force-redirect your browser into using HTTPS, in which case this may cause a connection error with the browser (e.g. site keeps redirecting to https but browser can't connect to).
That said, depending on the browser (and version) there is no guaranty that true HTTPS will be used with some sites - Google has taken to using the QUIC Protocol, which is can be thought as HTTP/HTTPS on UDP.
Edit: I am under the assumption OP wants HTTP only access to certain sites.
NSE4/FMG-VM64/FortiAnalyzer-VM/6.0 (FWF30E/FW92D/FGT200D/FGT101E/FGT81E)/ FAP220B/221C