[squid-users] HTTPS URL Rewrite

Marcus Kool marcus.kool at urlfilterdb.com
Wed Sep 2 01:52:00 UTC 2015


When a browser requests https://www.example.com/index.html, Squid with ssl-bump sends two requests to the URL rewriter:

1.  CONNECT www.example.com:443
2.  GET https://www.example.com/index.html

The URL rewriter must _not_ block the first and send an alternative URL for the second.
Caveat: this works for URLs of sites that use TLS/SSL.
For connections which cannot be bumped (e.g. Skype etc.) Squid only sends

1.  CONNECT SO.ME.IP.ADDR:443

Marcus


On 09/01/2015 10:08 PM, Amos Jeffries wrote:
> On 2/09/2015 12:59 p.m., Oliver Webb wrote:
>> Hopefully quite a simple one (to ask anyway!):
>> In Squid 3.5.7 *with working Peek and Splice* how can I give my url_rewrite_program access to the decrypted URL?
>>       eg. https://example.com/malware-that-the-url-rewriter-will-block.exe.pdf
>
> You need to use "bump" action in ssl_bump to decrypt the traffic (if you
> can).
>
> Once the request is decrypted by the "bump" Squid will pass it to the
> re-writer like any other URL.
>
>
> Amos
>
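The two-request behaviour described in this thread, as an added example of a `url_rewrite_program` helper (not code from any poster in the thread). It assumes Squid's default `url_rewrite_extras` field order (URL, client-ip/fqdn, user, method, ...), and the block-page URL and the `.exe.pdf` rule are constructed for illustration.

```python
#!/usr/bin/env python3
"""Squid url_rewrite_program helper: pass CONNECT through, redirect blocked GETs."""
import sys
from urllib.parse import urlsplit

# Hypothetical block page and constructed rule (modelled on the URL in the question).
BLOCK_PAGE = "http://blockpage.example.net/denied.html"
BLOCKED_SUFFIXES = (".exe.pdf",)


def decide(line):
    """Return the helper reply for one request line received from Squid."""
    fields = line.split()
    channel = ""
    # With url_rewrite_children concurrency>0, a numeric channel-ID comes first
    # and must be echoed back at the start of the reply.
    if fields and fields[0].isdigit():
        channel = fields.pop(0) + " "
    if not fields:
        return channel + 'BH message="empty request"'
    url = fields[0]
    # Default extras after the URL: client-ip/fqdn, user, method, myip=, myport=
    method = fields[3] if len(fields) > 3 else ""
    # Request 1 (CONNECT host:port): never rewrite it, otherwise Squid cannot
    # bump the tunnel and the decrypted GET is never seen. The same reply covers
    # un-bumpable connections, where CONNECT is the only request sent.
    if method == "CONNECT" or "://" not in url:
        return channel + "ERR"  # ERR = leave the URL unchanged
    # Request 2 (decrypted GET https://...): apply the URL policy here.
    if urlsplit(url).path.lower().endswith(BLOCKED_SUFFIXES):
        return channel + 'OK status=302 url="%s"' % BLOCK_PAGE
    return channel + "ERR"


def main():
    # Squid writes one request per line and waits for one reply per line,
    # so every reply has to be flushed immediately.
    for line in sys.stdin:
        sys.stdout.write(decide(line) + "\n")
        sys.stdout.flush()


if __name__ == "__main__":
    main()
```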

