Balance 210 - Content Blocking error with https/ssl sites


#1

When I activate Content Blocking to block e.g. porn sites, the user will be redirected to an internal page that says that the site is prhibited, but if I want to block sites that are https/ssl (e.g. social network portals such as Facebook, Twitter, and so on…) the user get an error “NETWORK ERROR RESET”. In this case the user think that there was a network error, not that the site is prohibited by company policies, and this generate confusion, and much calls of help to the IT department.

This big issue must be corrected in very short time.


#2

Block page only will work for HTTP websites and not for HTTPS websites. This is because HTTPS connections are secure and encrypted. All request within the HTTPS request are not able to be intercepted for the block page.


#3

Hi.
I am wondering if you have tried a DNS service such as OpenDNS (opendns.com) or PiHole (pi-hole.net). Use example: On the network from which I am sending this message, facebook.com is blocked both by OpenDNS and pi-hole. Users are informed – in advance – that this is a “work system, not a play system – don’t call us if a non-work-related site is not reachable or does not perform as expected.” OpenDNS allows the user to set up a message indicating WHY the site was blocked, who blocked it, etc. PiHole does not – it just fails to resolve and throws the DNS inquiry into the bit bucket. Both are protocol agnostic – HTTP or HTPS – no difference. I know there are other approaches but these two have met most of the needs we’ve identified. The OpenDNS approach – with message to the user – may get you where you want to go.


#4

Dear sitloongs,
I don’t know why you say that content blocking doesn’t works for https.

I put “youtube.com” and “facebook.com” into domain list to block, and works!

These blocked sites (https) FB, YT, and so on, do not open anyway, and that’s what “content blocking” has to do.

The only thing that don’t works is the redirect to internal page that say “the site is blocked by network admin”, that works for http, but not for https.


#5

I may not properly explain for the previous post. Let me re-phrase and hope you will get the explanation.

For sure content Blocking for Web Blocking will work for both HTTPS/HTTP protocols.

The “block page” will only displayed for HTTP websites and not for HTTPS websites. The reason why the block page is not displayed are because HTTPS connections are secure and encrypted and all request within the HTTPS request are not able to be intercepted for the block page redirection.


Content Blocking redirect
#6

Some other routers (Cisco, and so on…) with contents blocking features, works propely even with https.
So, a solution, maybe exists.
Your development team is working on this? Will this remain a permanent issue? …or will it be correct?