Hello Lukas, For sure Schroeffu is right. Without the SSL Interception (a.k.a. MITM – Man in the middle) squid can’t filter any HTTPS request as it doesn’t know what you have inside the SSL tunnel. From: squid-users <squid-users-bounces@xxxxxxxxxxxxxxxxxxxxx> On Behalf Of info@xxxxxxxxxxxx
Sent: Tuesday, May 7, 2019 7:46 PM
To: Lukas Yčas <lukasycas@xxxxxxxxx>; squid-users@xxxxxxxxxxxxxxxxxxxxx
Subject: Re: Squid File Upload Blocking Hi Lukas
for my understanding you have to decrypt the SSL connection with SSL bump, otherwise Squid is unable to read what mime type is going through the ssl tunneled connection.
lot regards
schroeffu
7. Mai 2019 22:41, "Lukas Yčas" <lukasycas@xxxxxxxxx> schrieb: Hello, I am currently attempting to block File Upload with squid -
squid.conf: acl filesblock2 req_mime_type "/usr/local/squid/etc/blocked_up_extensions.acl" http_access deny filesblock2
blocked_up_extensions.acl: application/vnd.openxmlformats-officedocument.wordprocessingml.document With these settings applied I'm still able to upload .doc / .docx files for example via this website:
https://uploadfiles.io/
Am I missing something? How can I make it work?
P.S. I somehow do not receive replies via this mailing list, I can only read the daily digest, if you could add my email to CC while replying I would be very glad.
Regards,
|
_______________________________________________
squid-users mailing list
squid-users@xxxxxxxxxxxxxxxxxxxxx
http://lists.squid-cache.org/listinfo/squid-users
