Windows – Using squid to capture https – how to do non transparent proxy

https, squid, windows

The root of the problem: I need to block access to https://somewebsite.com/folder/index.php, but allow access to the rest of the site. I thought the best way to accomplish it would be through a proxy like Squid.

How can I accomplish my goal? Keep in mind I'm running Squid 2.7 on a Windows 7 box and all the clients are also Windows machines that I have full access to.

This is my first experience with squid, so any help is appreciated.

Best Answer

"Keep in mind I'm running squid 2.7 on a Windows 7 box and all the clients are also windows machines that I have full access to."

Yes you can, here are the steps:

- Install on the clients a certificate authority that you own (for Internet Explorer you just have to install it at the system level in Windows; for Firefox and Chrome you have to install it in every browser).
- At this point you can already use the SslBump feature in Squid to do what you want.

Alternatively, you can also use an Apache server with mod_proxy; IMHO it is easier to configure for doing what you want.

The key is to be able to generate a valid certificate for the target domain. So either you own the domain and you can generate a perfectly valid certificate (via RapidSSL or other) and install it where you want, or, if you cannot have a "standard" certificate for the domain, you need to have your own authority installed in the client software, and you just have to generate certificates with your own CA.

Then you just have to direct the traffic to an SSL-enabled server with your certificate (Apache, Squid, anything) and you can treat the traffic as plain HTTP.

Update: Squid 2.7 does not support SslBump. If you have to stick with Squid 2.7, you have to configure an https_port as an accelerator and configure your clients to use the different port for SSL connections to the HTTPS site you want to filter. For example, alter their DNS settings and put in place a proxy configuration telling them to not use the proxy for this site.
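
Why the answer has the proxy terminate TLS with a certificate the clients trust, shown as an added example (not part of the original answer and not Squid code): a forward proxy that only relays an HTTPS tunnel sees `CONNECT host:port`, so a rule on `/folder/index.php` can be evaluated only on the decrypted inner request. The function names and the sample request lines are constructed for illustration.

```python
import posixpath
from urllib.parse import urlsplit, unquote

# The single URL from the question that must be blocked (host, path).
BLOCKED = ("somewebsite.com", "/folder/index.php")

def visible_url(request_line, headers=None):
    """Return (host, path) as a proxy sees them; path is None inside a tunnel."""
    method, target, _version = request_line.split()
    if method.upper() == "CONNECT":
        # HTTPS relayed as a tunnel: only "host:port" travels in cleartext.
        return urlsplit("//" + target).hostname, None
    parts = urlsplit(target)
    if parts.netloc:
        # Absolute-form target, e.g. "GET https://host/path".
        host = parts.hostname
    else:
        # Origin-form target: the host comes from the Host header.
        host = urlsplit("//" + (headers or {}).get("Host", "")).hostname
    # Normalise before matching so /folder/./index.php or %69ndex.php
    # is compared in the same form as the rule.
    path = posixpath.normpath(unquote(parts.path) or "/")
    return host, path

def decide(request_line, headers=None):
    """Apply the one-URL block rule to what the proxy can actually see."""
    host, path = visible_url(request_line, headers)
    if host != BLOCKED[0]:
        return "allow"
    if path is None:
        # Tunnel only: the choice is the whole host or nothing.
        return "tunnel-only"
    return "deny" if path == BLOCKED[1] else "allow"

if __name__ == "__main__":
    host_hdr = {"Host": "somewebsite.com"}
    # Constructed sample requests: first as tunnelled, then as seen after
    # the proxy has terminated TLS with a certificate for the domain.
    print(decide("CONNECT somewebsite.com:443 HTTP/1.1"))
    print(decide("GET /folder/index.php?id=1 HTTP/1.1", host_hdr))
    print(decide("GET /about.html HTTP/1.1", host_hdr))
```

The `tunnel-only` result is the case Squid 2.7 is left with when it acts as a plain forward proxy: it can block or allow `somewebsite.com` as a whole, but not one page under it.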