How To : Block Facebook Or Other HTTPS Websites

Version 5.0



If you have an Endian Appliance equipped with version lower than 5.0.5 software release, the HTTPS proxy URL filtering only mode is not available

This lesson explains how to block, with the Endian UTM Appliance, facebook, twitter, and other sites that use SSL. Two different approaches will be shown in this lesson: Using an Access Policy rule in the HTTP Proxy, and using the DNS proxy

1. Create an Access Policy to Block HTTP/HTTPS Sites.


If the proxy is set in Transparent mode you must enable also HTTPS proxy as described in this article.
If the proxy is set in Non-Transparent there's no need to enable HTTPS proxy

From the web GUI select from Menubar > Proxy > HTTP > Access Policy > Add Access Policy.

In the Access Policy Editor, configure as follows the various options:

  • Source: The places where the clients will be subjected to the rule, which can be ANY, Zone, Network/IP, or MAC Address.
  • Destination: The places that you want to block. In this case, the domains and Write one domain per line, remember the starting dot if you want to : and
  • Access Policy: Deny access, for the rule to block traffic to the domains.
  • Position: First, to make sure that this rule take precedence over other rule, which possibly allow access.
  • Policy status: Click on the checkbox Enable policy rule to activate the rule.
  • The remaining options may keep their default values.


The dot before the domain name ( and instructs the HTTP Proxy to block all subdomains of the sites, too.
Finally, click on Create policy to save the new rule. After a few seconds, all services are reloaded and the new rule begins working.

2. Create a rule in DNS Proxy


This method is useful ONLY if you don't have HTTP proxy enabled.


From the web GUI go to Menubar > Proxy > DNS. Click on the checkboxes next to the Transparent on GREEN, BLUE, ORANGE, depending on which zones you want to create the rule into, then clik on Save.


Now, go to the Anti-spyware tab and insert in the textbox under the Blacklist domains label all the domains that you want to be blocked (ex. and click on Save.


Altre domande? Invia una richiesta