MikroTik

Community discussions
https://forum.mikrotik.com/

Blocking part of an URL

https://forum.mikrotik.com/viewtopic.php?t=134244

Page 1 of 1

Blocking part of an URL

Posted: Thu May 10, 2018 2:28 pm
by ali_hacker
Hi
i was looking around for the past few days for a way to block a special section of HTTPS connection , for an example ( https://www.123.com/456)
i would like to block access to it while every thing else is accessible such as (https://www.123.com/) etc.
is that possible
Regards

Re: Blocking part of an URL

Posted: Thu May 10, 2018 5:37 pm
by sindy
It is not (using Mikrotik) because the complete url itself goes already encrypted. You can reset the TCP session in order to block access to the server based on the domain part which is present in the packets also in plantext and can be matched using the tls-host matcher, but that's not what you want.

Enterprise firewalls use forged certificates signed by a local authority, which the client PCs are configured to trust, to decrypt and re-encrypt the connection, but this approach cannot be used with Mikrotik.
All times are UTC+02:00
Page 1 of 1
Powered by phpBB® Forum Software © phpBB Limited
https://www.phpbb.com/