This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Website Block Message for valid blocked HTTPS sites

 

Hello,

I've got a client running Sophos Enterprise Console and recently enabled Web Control so they could move away from a web proxy provider and save money.

*Enterprise Console version 5.5.0

*Client Agent (Endpoint Security and Control) version 10.7

This works fine for all the sophostest.com sites and everyone is happy with the solution - however any BLOCKED sites that are accessed on HTTPS just result in:

 

"This site can't provide a secure connection

<website> sent an invalid response

ERR_SSL_PROTOCOL_ERROR"

 

 

Non-blocked HTTPS sites work fine.

Could anyone advise a way to resolve this please as I'm keen to provide users with a more meaningful message to reduce support calls.

 

Kind Regards,

Mike



This thread was automatically locked due to age.
Parents
  • Hello Mike,

    the Endpoint Web Control can just permit or block HTTPS requests but it can't inject its own error message, it would have to intercept the TLS handshake. Thus it only causes a connection error, the message is issued by the browser.

    Christian

  • Sophos does log that access to those sites is blocked under controlled items.  Is there anyway for users to get a pop-up notification from Sophos that the site is blocked?

  • Hi  

    An event is triggered that is shown to the user and sent to Sophos Enterprise Console. Alternatively, users can be warned by means of notification when visiting controlled websites; even if the user does not proceed, a warning event is triggered. If the user proceeds and views a site despite the warning, a second event is triggered and sent to Sophos Enterprise Console.

    Shweta

    Community Support Engineer | Sophos Technical Support
    Are you a Sophos Partner? | Product Documentation@SophosSupport | Sign up for SMS Alerts
    If a post solves your question use the 'Verify Answer' link.
    The New Home of Sophos Support Videos! - Visit Sophos Techvids
  • Hi Shweta.  The only message our users see when they go to a blocked website is the generic "This site can't provide a secure connection"  The only way a user can see if the site was blocked is by going to the controlled items area of Sophos on their PC.  Is that the event that you're referring too?

    You also said users can be warned by means of notification, is that a setting within Sophos Central?

    Thanks for your help!

Reply
  • Hi Shweta.  The only message our users see when they go to a blocked website is the generic "This site can't provide a secure connection"  The only way a user can see if the site was blocked is by going to the controlled items area of Sophos on their PC.  Is that the event that you're referring too?

    You also said users can be warned by means of notification, is that a setting within Sophos Central?

    Thanks for your help!

Children