Jump to content

Block specific https address


ck_kent

Recommended Posts

Hey Guys,

So here's the situation, a friend asked me if I could block access to https://www.facebook.com but allow access to other https sites like linkedin.com.

Their using Linksys WRT54G for the router and Eset NOD32 Antivirus v4.

I actually had no problem in blocking https from Linksys' web admin page but the problem is it blocks all https addresses. The "Website Blocking by URL Address" only blocks http. So I tried blocking it using Eset's Web Access Protection - Address Management but it only blocks http addresses as well. I also tried blocking it by using the host file but it still did not work.

Any one else have an idea?

Thanks.

Link to comment
Share on other sites

  • Replies 10
  • Views 2.1k
  • Created
  • Last Reply

Hosts file modification.. add in facebook.com and variants and all FacialHooka problems disappear... :P Route it back to 127.0.0.1 of course.. Could also upgrade to ESS and really do tweaking .. :) get exactly what you want with it..

Link to comment
Share on other sites

Thanks heath, I mean HX1, :) but as you can see from my previous post I already tried re-routing it using hosts file but that didn't work either. I have ESS in my computer and I can't seem to see any option on how to block certain https sites only.

Link to comment
Share on other sites

In Protocol Filtering..(se sure to turn it on.. ) go to SSL.. Choose to always ask about sites... now what should happen.. is when you go to a site which asks for encryption.. You should get a popup like Firewall exception ( I turned this off because it eventually drove me crazy ) But just like the Firewall/HIPS in ESS.. you can allow or disallow I believe.. some site will switch to unsecured connections... Be sure to go through the rest of the Settings... and get it how you would like.. you can set it to only ask about sites you have not visited but that may require clearing all certs.. and starting over.. once that is done however it will not ask you again..

I am going to look at some other things too..

Are they using a proxy? ...if so the Hosts file is being jumped..

The Hosts entry I used was ...

facebook.com

www.facebook.com

After clearing the cache.. it was dead... :eek: Might wanna double check..

Link to comment
Share on other sites

The hosts file only allows from domain to IP resolution ;)

(As in http(s) is not a part of the domain, so using the hosts file won't work.)

Link to comment
Share on other sites

:think: Your absolutely right.. I think I was just to thrilled to not see the site load on my computer.. to realize ALL of facebook was blocked..... :lmao: ESS is looking like a good solution.. Though it may not be the best.. I also am thinking that the reason this is hard to find or figure out is that most people have made the move to USE https .. and not too many want to block it.. its a rare issue...

EDIT: Did read that some routers you have to add a service.. select Always and then add the 443 port.. this however will block ALL SSL..

Link to comment
Share on other sites

EDIT: Did read that some routers you have to add a service.. select Always and then add the 443 port.. this however will block ALL SSL..

Yep, that's what I did first. Not knowing they use linkedin. They only wanted to block https for facebook.

EDIT: I also don't think using ESET's protocol filtering is the best solution. I just tried it now and it's so annoying. :angry: The users are not that knowledgeable about these things and I'm not always there to support them so it would only annoy them every time they visit other sites with SSL.

Link to comment
Share on other sites

NOD32 can do this. You have to activate SSL protocol filtering before you can specify some https site to be blocked:

* Go to protocol filtering and set to always scan SSL protocol

* Then in Web access protection - URL address management - drop down - list of blocked addresses - Add https://www.facebook.com/*

One draw back though is when you try to connect to any other https site, you will be asked to set exceptions.

Link to comment
Share on other sites

One draw back though is when you try to connect to any other https site, you will be asked to set exceptions.

Yep, that's exactly what's holding me back from using protocol filtering. It will only annoy the users from all the pop-ups everytime they visit other https site.

hmmm.... :think:

Link to comment
Share on other sites

Okay so a protocol running on the same domain.. which is supposed to be blocked... will not be able to blocked with normal filtering.. It is actually impossible to do so as the two things are completely separate.. You have to have something that is taking the protocol like ESS would and filter or control all of that protocol traffic.. THEN.. you have to block it.. and as we see above the only way this is going to work.. is by either blocking the site, or blocking the protocol...

Now the only other way would be in the Internet Options.. by selecting the certificate for the site.. selecting it as Untrusted.. and blocking all communication with untrusted encryption/connections... so this would be there if possible .. I have not dug into it but it would seem that this would the only way to see it for the system.. no matter where it was... and use something already in place, possibly targeting something that will not matter anyway.. However the state of todays SSL Certificates per domain is not all as it should be as the cost of of renewing and changes to this area...

Hypothesis..

EDIT: Problem.. when said application and/or programs/service are used on the system and use their own set of rules and settings for this area.. such as Firefox.. this may not or will not apply.. unless the settings are applied or program utilization and restrictions are put into place... Hope that make since.. SO.. LSP/GP could be a factor in this if not the area of solution to look into..

Link to comment
Share on other sites

Hey Guys,

So here's the situation, a friend asked me if I could block access to https://www.facebook.com but allow access to other https sites like linkedin.com.

Their using Linksys WRT54G for the router and Eset NOD32 Antivirus v4.

I actually had no problem in blocking https from Linksys' web admin page but the problem is it blocks all https addresses. The "Website Blocking by URL Address" only blocks http. So I tried blocking it using Eset's Web Access Protection - Address Management but it only blocks http addresses as well. I also tried blocking it by using the host file but it still did not work.

Any one else have an idea?

Thanks.

Use Open DNS

http://www.opendns.com/

Cheers

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...