Solved

Only Allow Access to an HTTPS webpage via Squid Proxy

Posted on 2014-01-08
7
333 Views
Last Modified: 2016-06-02
Hello,
     I am trying to setup a Squid proxy that will only allow access to google drive. Basically, I have a computer that is on a manufacturing floor so that employees can update a shared production log hosted in google drive. I have installed Squid on a CentOS VM and have it up and running, but I'm a bit confused as to what rules to enable to allow only access to Google Drive, since it's encrypted via HTTPS. Thanks for any help!
0
Comment
Question by:indigo6
7 Comments
 
LVL 20

Expert Comment

by:edster9999
ID: 39766204
You ban all sites then add an acl rule that allows the site(s) you want.
Only problem... with google drive it is not a single URL (or web address).

As well as drive.google.com
it will do things with acounts.google.com
and www.google.com too

SO if you allow all these people will be able to use google and maybe other services like gmail (maybe)
0
 
LVL 14

Expert Comment

by:Giovanni Heward
ID: 39766206
Have a look at SSL Bump.
0
 
LVL 20

Accepted Solution

by:
edster9999 earned 500 total points
ID: 39766213
acl ALLOWED dst domain google.com
http_access allow ALLOWED
http_access deny all
0
What is SQL Server and how does it work?

The purpose of this paper is to provide you background on SQL Server. It’s your self-study guide for learning fundamentals. It includes both the history of SQL and its technical basics. Concepts and definitions will form the solid foundation of your future DBA expertise.

 

Author Comment

by:indigo6
ID: 39766219
edster9999, I was planning on allowing the entire google.com domain, just like you posted. I'll try sslbump as well.
0
 

Author Comment

by:indigo6
ID: 39777408
Ok, when I try to enable SSL bump, it says it can't find a certificate. How can I set up SSL bump?
0
 

Expert Comment

by:Ganesh Waghmode
ID: 40595485
@indigo6: Did you able to setup a squid proxy with SSL bump? If yes, Kindly share how you did it? This is my question. Kindly look into it if you can help.
0

Featured Post

Master Your Team's Linux and Cloud Stack!

The average business loses $13.5M per year to ineffective training (per 1,000 employees). Keep ahead of the competition and combine in-person quality with online cost and flexibility by training with Linux Academy.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Don’t let your business fall victim to the coming apocalypse – use our Survival Guide for the Fax Apocalypse to identify the risks and signs of zombie fax activities at your business.
Data center, now-a-days, is referred as the home of all the advanced technologies. In-fact, most of the businesses are now establishing their entire organizational structure around the IT capabilities.
This Micro Tutorial will demonstrate the easy use of Gmail embedding images in your email so the recipient of your email can view them in context.
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…

808 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question