On 20/02/2024 08:06, Dsant wrote:
Hello, I set up a squid proxy, I want to allow some sites, Google
recaptcha and block everything else.
acl mydest dstdomain .projet-voltaire.fr
http_access allow mydest
acl google_recaptcha url_regex ^www.google.com/recaptcha/$
http_access allow google_recaptcha
http_access deny all
The captcha is not showing. A syntax error ?
www.google.com is an HTTPS site. This means that from the point of view
of the proxy, only the hostname is visible (i.e. www.google.com) and so
your regex can never match. Look in your logs, you will see:
CONNECT www.google.com
and not:
GET http://www.google.com/recaptcha/
The only way round this is to use ssl_bump to intercept and decrypt the
traffic so that the HTTP request is visible. This is, however, not for
the faint-hearted and will require a CA certificate to be installed on
each client machine.
--
Stephen
_______________________________________________
squid-users mailing list
squid-users@xxxxxxxxxxxxxxxxxxxxx
https://lists.squid-cache.org/listinfo/squid-users
