Blocking Proxy Server Sites with NBM
Novell Cool Solutions: Tip
By Rod Urquhart
Reader Rating 
from 7 ratings
|
Digg This -
Slashdot This
Posted: 6 Jun 2007 |
Problem
We use Connectotel to filter access, but students are constantly finding new proxies to bypass the filters to get to Myspace, Bebo, etc. I must add about 10 new proxies a day to the block lists.
Solution
We added a deny rule:
http://*/*.php?q=*
This stops 90% or so of the proxy server sites. It won't stop the user from getting into proxies, but they won't get anywhere from there.
In addition, don't forget to add a rule to block Port 443 as most proxy sites offer SSL access.
Reader Comments
- Wow, careful with this rule as it will break much more then proxies. php?q= is a common php url for variable passing. Many sites that do not use "friendly URLs" use this. I would definitely not use this rule on my setup.
- Why not lock proxy down in browser with reg hack...
- I second the first comment, this breaks much more then proxy sites. I would avoid it. Also, to the comment on locking in the browser. It isn't the browsers configured proxy setting it is a website that provides a proxy frontend that is being blocked. Reg hack is not a solution to this (unless you mean maintaining a local client restricted sites list, which isn't advisable).
Novell Cool Solutions (corporate web communities) are produced by WebWise Solutions. www.webwiseone.com