Go Premium for a chance to win a PS4. Enter to Win

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 7773
  • Last Modified:

how to block https facebook.com?

I blocked facebook.com  and youtube.com in firewall and  users cant open this sites.

but when they try to open  https://facebook.com or  https://youtube.com my block rule dont works...

how can i block https://facebook.com and Https://youtube.com ???

We use sonicwall firewall.
0
Mirceyhun
Asked:
Mirceyhun
  • 9
  • 9
  • 2
  • +2
1 Solution
 
wparrottCommented:
Easiest way is with the SonicWall SSL Control Feature.

Here's a link to step-by-step instructions:

http://www.fuzeqna.com/sonicwallkb/consumer/kbdetail.asp?kbid=5853&formaction=catalert

HTH,

-W
0
 
MirceyhunAuthor Commented:
sorry... but it didnt help... (
0
 
alienXenoCommented:
You can just blackhole these sites in your internal corp DNS. redirect them to some internal webserver hosting a block page  or just resolve them to 127.0.0.1.
0
What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

 
MirceyhunAuthor Commented:
Our VIP users must be able to open Facebook and Youtube...
0
 
digitapCommented:
what model of sonicwall do you have? is it enhanced or standard OS?

i think you need to enable the following on your sonicwall: go to security services > content filter > Configure > check Enable IP based HTTPS Content Filtering.
0
 
MirceyhunAuthor Commented:
Sonicwall nsa2400

IP based HTTPS Content Filtering  enabled... but didnt help
0
 
digitapCommented:
reading through the comments again, i see some contradiction. you say in your question that you want to disable https://facebook.com, but then i see you need it opened? can you elaborate on this a little?
0
 
Akash BansalIT ProfessionalCommented:
i am having the similar issue, I have CISCO RVS4000 with protectlink security service which helps me to block web category
It blocks facebook.com but when the user put https://facebook.com it does not block the site.
I do not want to modify LMHOST on each computer.
0
 
digitapCommented:
@Mirceyhun :: doing some more looking, i discovered the KB below.

https://www.fuzeqna.com/sonicwallkb/consumer/kbdetail.asp?kbid=3590

with that, if you use the following public IPs to suplement that check box checked in the forbidden domain, 69.63.181.12, 69.63.189.11, 69.63.189.16, i think you'll find that https://www.facebook.com will be blocked.

@BansalAkash :: Do you currently have a question open for this particular issue?
0
 
MirceyhunAuthor Commented:
Ip blocking didnt help
0
 
digitapCommented:
clarification, you need facebook blocked whether HTTP or HTTPS, right? currently, on ANY workstation, facebook for HTTP is being blocked, but ANY workstation that tries to connect at HTTPS for facebook isn't blocked, right?

so, the content filter IS working, but not for ANY HTTPS sites, right?
0
 
Akash BansalIT ProfessionalCommented:
@digitap its true in my case
No I haven't opened any case for this question
0
 
MirceyhunAuthor Commented:
@ yes you are right
0
 
digitapCommented:
ok...let's change things up a bit. review the kb below. it walks through using the application firewall. are you licensed for that?

https://www.fuzeqna.com/sonicwallkb/consumer/kbdetail.asp?kbid=8190
0
 
MirceyhunAuthor Commented:
I tried it. but users still can access https facebook ((
0
 
digitapCommented:
something else is going on. i can't say for certain without seeing your settings. is the firmware up to date on your sonicwall? sorry, if that's already been covered.
0
 
MirceyhunAuthor Commented:
our license expired in 25.02.2011. new license will come in aprel... but i dont think that is a reason... because everythink works fine yet. and we can block sites. only https sites are problem.
0
 
digitapCommented:
i know it seems hard to believe, but you've followed all of the KBs i've posted so it the only thing left i can think of is the firmware. what version are you currently on?
0
 
MirceyhunAuthor Commented:
5.6.0.10-52 - firmvare version
0
 
digitapCommented:
you have the version right before the Early Release, which is at version 5.8.0.2-37o. Early Release is not beta and includes fixes but also features that have not been enabled yet. i've been instructed by support to install Early Release firmware to resolve issues. also, i've seen early release firmware resolve issues that were not in the release notes.

by the way, your current issue is NOT mentioned in the release notes.
0
 
MirceyhunAuthor Commented:
thanks i will try
0
 
digitapCommented:
ok...report back one way or the other. i don't want to claim the points if this wasn't the solution, although i appreciate the points.
0

Featured Post

What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

  • 9
  • 9
  • 2
  • +2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now