[squid-users] logging https websites

Leonardo Rodrigues leolistas at solutti.com.br
Wed Dec 9 18:25:58 UTC 2015

Em 09/12/15 13:11, George Hollingshead escreveu:
> is there a simple way to log request made to https sites.  I just want 
> to see sites visited without having to set up tunneling and all this 
> complex stuff i'm reading about.
> Hoping there's a simple way, and yes, i'm a newb but smart enough to 
> have your awesome program running; hehe
     If you really want a SIMPLE way, than the answer is NO, that's not 

     With simply configuring the proxy on the users browsers, you'll be 
able to see the hostname, but not the full URL

user acessing https://www.gmail.com/mail/something/INBOX
will appear on the logs just as
CONNECT www.gmail.com

     and that's how it works ... the path is only visible to the 
endpoints, the browser and the server, squid just carries the encripted 
tunnel between them, without knowing what's happening inside.

     is it possible to decript and see the full path on the logs, being 
able to filter on them and everything else ?? YES, that's ssl-bump, but 
that's FAR from being an easy setup ...


	Atenciosamente / Sincerily,
	Leonardo Rodrigues
	Solutti Tecnologia

	Minha armadilha de SPAM, NÃO mandem email
	gertrudes at solutti.com.br
	My SPAMTRAP, do not email it

More information about the squid-users mailing list