On 14/02/2023 12:04 am, sanket jaiswal wrote:
Hi Devs,
I'm using Squid for my Outbound traffic filtering and I have one use
case, I'm tryning to block Egress HTTP and HTTPS Request based
on certain Header and I've also leveraged squid
acl request_header_access to check and block header, However this acl
is only working for HTTP Request and not working for HTTPS Header.
Can anyone try to help me, Does Squid have support to check & block
HTTPS Request Header?
FYI, the difference between HTTP and HTTPS is that the "S" variant
messages are encrypted with TLS.
Look into the SSL-Bump feature of Squid for how to decrypt user traffic.
Also, be aware that there are some major limitations with what you are
trying to do: not all traffic can be decrypted, there are non-HTTP
protocols using TLS, and all your users must be explicitly configured
with trust for CA certificate your Squid uses to do the decryption.
HTH
Amos
_______________________________________________
squid-users mailing list
squid-users@xxxxxxxxxxxxxxxxxxxxx
http://lists.squid-cache.org/listinfo/squid-users