Overview
When a user attempts to browse to an HTTPS site that has been blocked, instead of receiving the GFI WebMonitor's blocking page or message that states 'Blocked: You have been blocked from downloading this file since it breaches a security policy...' they receive one of the following standard messages:
The page cannot be displayed
Certificate-Based Authentication Failed
There is a problem with this website's security certificate
Environment
- GFI WebMonitor
- GFI Cloud Web Protection
Root Cause
With HTTPS Inspection disabled GFI WebMonitor can block HTTPS connections upon the first attempt to connect. However, once a link to the destination web server is established, any pages or files downloaded through that connection cannot be monitored, scanned, or blocked. One of the side effects of this is that when a connection to an HTTPS site is blocked, the users will not be presented with the WebMonitor blocking page/message.
Resolution
This is expected behavior when the HTTP Inspection is not enabled. For the user to see the blocking page or message, you should enable HTTPS Inspection in the Stand-alone Proxy version, or allow Outgoing HTTPS Packet Inspection in TMG.
Note: ISA Server does not support this feature.
Priyanka Bhotika
Comments