Do you recognize a good idea when you see one? We want to hear from you!
Header Image

I suggest you ...

Web Security: Show Block Page for HTTPS Sites

Hello,
actually if an HTTPS web site is blocked due to proxy settings (ie. you want to block https://www.facebook.com) the user does not shows the classic "Blocked content page" by Astaro, but he sees a generic browser error. It seems that it happens because of a security modification applied by all browser producers (IE, firefox, opera, ecc). Astaro should conform to these new changes, otherwise all users could think that the website they want to see is not reachable cause of techical issues (generated by their network admin or by remote web site admins).

I think this request is very important and urgent.

Here more details:
http://www.astaro.org/astaro-gateway-products/web-security-http-https-ftp-im-p2p-web-filtering-antivirus/33860-blocked-content-page-not-shown-standard-mode-if-site-https.html#post156400

11 votes
Vote
Sign in
Check!
(thinking…)
Reset
or sign in with
  • facebook
  • google
    Password icon
    I agree to the terms of service
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    flaserraflaserra shared this idea  ·   ·  Flag idea as inappropriate…  ·  Admin →
    Holger KieneHolger Kiene shared a merged idea: Web Protection: Error messages for HTTPS sites when not using HTTPS Scanning  ·   · 

    7 comments

    Sign in
    Check!
    (thinking…)
    Reset
    or sign in with
    • facebook
    • google
      Password icon
      I agree to the terms of service
      Signed in as (Sign out)
      Submitting...
      • flaserraflaserra commented  ·   ·  Flag as inappropriate

        Some News: I upgraded to v8, there are some differences with this issue respect to v7

        In V7
        - When HTTPS scan is ON, and I surf to a forbidden web site (ie https://imo.im with chat category forbidden), I cannot surf (ok) but no "Content Blocked Page" is shown. Instead of this page, the browser get an error (behaviour I don't like).

        - When HTTPS scan is OFF, and I surf to a forbidden web site, I can surf (because in v7 content filter was not applied to a https site if https scan was off).

        Now with v8
        - When HTTPS scan is ON, and I surf to a forbidden web site, "Content Blocked Page" is shown: FANTASTIC, it is what I asked for!! :)

        - When HTTPS scan is OFF, and I surf to a forbidden web site, I cannot surf (ok) but no "Content Blocked Page" is shown: I get the browser error I saw in v7 when https scan was OFF.

        In other words, the problem has been solved when https scan is ON, but now happens when https scan is OFF :(

      • flaserraflaserra commented  ·   ·  Flag as inappropriate

        Already done, they said it's an issue of browsers (but in all browsers I see this issue, ie, firefox, opera, ecc.)

        bye

      • Elmar HaagElmar Haag commented  ·   ·  Flag as inappropriate

        I see what I expect to see: the content block page.
        Perhaps we are still talking about different things but
        this is not a chat platform, so contact Astaro Support or the Presales team (presales-DACH@astaro.com) or Astaro User Bulletin Board.

      • flaserraflaserra commented  ·   ·  Flag as inappropriate

        The descripted behaviour is confirmed by support, so I don't know how is possibile that you have no issue.

        Do you run in transparent proxy or standard proxy?
        In the second case, if you try to block https://www.facebook.com and you try to surf in it what do you see?

      • Elmar HaagElmar Haag commented  ·   ·  Flag as inappropriate

        Well it works for me at least in IE 8 and FF 3.5 using ASG v8.100 but I am pretty sure it also worked in V8.0 and 7.5.

      • flaserraflaserra commented  ·   ·  Flag as inappropriate

        Hi Elrmar. Unfortunately it is not a certificate issue (I think I shold change the text of my request because I bet that 90% of users didn't understand correctly what I mean).

        What happens is this: if you try to surf in a web site that should be blocked by asg, and you run in non-transparent mode, and this site is https, you get no Blocked content page, but an error that can vary from browser to browser. For example in firefox you get "Connection refused by proxy". So the users think that there is a problem in your network or in the web site that he wants to see. My clients are able to surf in https sites fine, so it is not a certificate issue.

        bye

      • Elmar HaagElmar Haag commented  ·   ·  Flag as inappropriate

        It works if you enable https scanning and trust the https proxy ca certificate in the browser.

      Feedback and Knowledge Base