1

I am having issues configuring DansGuardian to filter https traffic.

Is there a way to force https traffic to go through a DansGuardian filter?

Dan
  • 12,494
  • 7
  • 70
  • 94
Ali
  • 526
  • 1
  • 7
  • 16

2 Answers2

3

HTTPS provides an encrypted channel from end to end (S in HTTPS is for SSL; Secure Sockets Layer). So no, there's no way to inspect the contents of anything over an HTTPS connection. That's the whole purpose of it in the first place!

gertvdijk
  • 67,007
  • 33
  • 188
  • 283
  • 1
    Squid can be configured to do a MITM and intercept HTTPS traffic: http://wiki.squid-cache.org/ConfigExamples/Intercept/SslBumpExplicit Of course this requires that the user installs a new CA in the browser, but it can be done. – Andrea Lazzarotto Sep 06 '16 at 12:39
1

While it's my understanding that it's not ready for prime-time just yet, there is a fork of DansGuardian in the works called Archangel, which will filter BOTH HTTP AND HTTPS websites. For more information, take a look at its homepage at its Google Code homepage and its Sourceforge page.

Fred McKinney
  • 41
  • 1
  • 4