Koozali.org: home of the SME Server

Obsolete Releases => SME 9.x Contribs => Topic started by: Stefano on April 03, 2017, 11:34:22 PM

Title: smeserver-webfilter and https site filter
Post by: Stefano on April 03, 2017, 11:34:22 PM

Hi there


since almost every site is moving to https, is there anything I should be aware of if I decide to install smeserver-webfilter? any particular configuration?


will, for example, a porn site running on https be blocked?


thank you

Title: Re: smeserver-webfilter and https site filter
Post by: Daniel B. on April 04, 2017, 12:41:53 AM

Https filtering is trickier, but possible, even if not as powerful. It's working with my webfiltering contrib. For it to work, you need to:
- configure sme as a proxy on all your browsers (you can't rely on transparent proxying)
- block outgoing TCP port 443, unless for some itself
- only domains can be blocked, not url

Title: Re: smeserver-webfilter and https site filter
Post by: tw-lewis on February 14, 2018, 08:13:42 PM

Sorry for replying to an older post.

Have you had any luck with getting an https transparent proxy working?

I'm using:
yum --enablerepo=epel,fws install smeserver-webfilter

Just "www.facebook.com" and "facebook.com" in the ban list but with no success. Am I missing something in the basic setup guide.

echo "SELECT DOMAIN,COUNT(DOMAIN) AS occurances FROM access_log GROUP BY DOMAIN ORDER BY occurances DESC LIMIT 30;" | mysql squid_log

Shows activity so I am assuming its working for http traffic maybe?