Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
502
Views
4
Helpful
2
Replies

Is there a way to block "https//:" domains on a WRVS4400n?

n8smitchko
Level 1
Level 1

‎12-31-2012 03:14 AM - edited ‎03-11-2019 05:42 PM

We are currently using a WRVS4400n router here and I have recently been asked to block Facecbook from all but a select few computers. 

I have been trying to do this through the Internet Access Policy section of the Firewall.  I have tried listing facebook.com under the forbidden domain section as well as adding "facebook" as a keyword to block. 

While this generally works, I found that users can get around this by going to the secure facebook site by adding https//: in front of the address.  I also noticed that a lot of websites out there have links that point to their own facebook pages that use the https//: prefix.  This allows users to access facebook by clicking on the link.

When I try to add a forbidden domain such as "https//:facebook.com" it tells me that it is an invalid URL.

So is there a way that I can block this?

Labels:
0 Helpful
2 Replies 2

cadet alain
VIP Alumni
VIP Alumni

‎12-31-2012 03:37 AM

Hi,

the easiest would be to install a Proxy Server like Squid but I suppose this is not one of your options.

Have you got a DNS server or is it the router ? if you've got a separate proxy dns server then point the facebook domain to 127.0.0.1 otherwise do this on the hosts file from the computers, make this read-only and disable other dns servers on the computers with local GPO.

Regards.

Alain

Don't forget to rate helpful posts.

Don't forget to rate helpful posts.

n8smitchko
Level 1
Level 1
In response to cadet alain

‎12-31-2012 06:44 AM

Thanks Alain,

I forgot about using the hosts file.  While this creates a fair amount of work on my end, at least it is a workaround for now.  So that's what I did.  I'm sure that we will be looking into getting a more sophisticated Web Content Filter device in the future.

Thanks again for your help!

Nate

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card