Answer the question
In order to leave comments, you need to log in
T
T
Tremo2017-06-12 10:45:43
Tremo, 2017-06-12 10:45:43
How to block https requests for certain users?
Good time of the day!
It is necessary to configure restriction filters in the organization for access to external resources such as https://facebook.com, https://vk.com , etc.
It is desirable that you can set filters for each device separately (for example: by ip or mac address )
5 answer(s)
@res2001
@karabanov
@CityCat4
R
res2001, 2017-06-12 @res2001
Set up squid and enjoy. It is possible with authorization, it is possible by IP. As you wish.
A
Alexander Karabanov, 2017-06-12 @karabanov
MikroTik has an Address List mechanism with which you can block address blocks and single addresses. In addition to the address, you can specify a domain name, then MikroTik will resolve the domain name at regular intervals (I don’t remember exactly how much) and add / replace addresses in the Address List .
I am sure the same mechanism can be implemented on any OS using a script. That is, write a script that will resolve addresses for the vk.com domain or another that should be blocked and add / remove rules to the firewall.
C
CityCat4, 2017-06-12 @CityCat4
Set a proxy, of course, block the exit bypassing it. If you will distribute by IP, be sure to remember to statically link the IP to the computer :) With all the obviousness of the advice, it is often forgotten. Then lists of resources are formed and contacted by users. Perhaps it can be done from the target resource (vk.com, facebook.com etc), but we have done it from users - the user is included in a group that has rights to such and such a target resource and does not have rights to such and such resources .
I can share the impersonal squid config. Of course, it will not work as a copy-paste, just as an example.
Similar questions
A
V
A
G
R
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question