Quoting Mark Elsen <mark.elsen@xxxxxxxxx>: > > I run smartfilter plugin for squid. I define catagorys that I want blocked > to > > the internet. I found that I am unable to block any website that has > https:// > > Do you really want to block secure websites ? (...) > > > appended to the front end (443). As a result, a lot of the student body > has > > figured out how to bypass the filter. (smart kids). My question is do I > need > > these acl's? They are: > > acl SSL_ports port 443 563 > > acl Safe_ports port 443 563 # https, snews > > Then I have: > > http_access deny !Safe_ports > > http_access deny CONNECT !SSL_ports > > > > Looks like this is a standard squid.conf file. I am thinking that as a > result > > of the above acls websites with https:// dont go through my cache, > therefore > >... > > On the contrary, the intend of the default settings is to allow secure sites > on the standard SSL port (only). > > M. > I dont want to block all ssl sites. However, for some reason any url that has https: in it, doesnt go through the proxy, therefore the rules access rules that are setup in smartfilter dont apply. For example: I see no https: sites in any of my sarg reports. -- Dwayne Hottinger Network Administrator Harrisonburg City Public Schools
