Video Screencast Help

HTTPS and Web Filtering

Created: 16 Feb 2010 • Updated: 19 Aug 2010 | 3 comments


I tried to stop access to a anonimous proxy and I did not succeed because it works in https. See https: / /

If I allow https level of "common protocols" is that the urls that use that protocol can not be filtered.

Any ideas?


Discussion Filed Under:

Comments 3 CommentsJump to latest comment

Don2's picture

Hi Joan,

I´m 99% certain that if it is https it cannot be blocked...but maybe someone from Symantec can confirm this for us? Kevin? Sergi?


Sergi Isasi's picture

Actually we can and do block HTTPS to IP addresses that match a content or malware category our customers have configured as blocked.

As you likely know, the HTTP header for SSL is slightly different than regular HTTP.  In HTTP, the GET contains the actual URL being requested (  In HTTPS, we actually only see the IP address in the GET (  Because of this, there has to be a classification match on the IP in order to block HTTPS based upon policy.  In this particular case, we had a classification match for (Anonymous Proxies) but not - so it did not block.  I've requested we add Anonymous Proxies as a classification for

Hope this clears things up.


Senior Product Manager - Web Gateway

Sergi Isasi's picture

As follow up: is now classified as Anonymous Proxies.

Senior Product Manager - Web Gateway