Thread Info
  • State Not Answered
  • +1 person also asked this people also asked this
  • Locked Locked
  • Replies 3 replies
  • Subscribers 4 subscribers
  • Views 3242 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

HTTPS Proxy option for Web Filter

Seb Sch

Is it possible to enable HTTPS for the Web Filter Proxy?

At the moment it's only possible to use HTTP for the CONNECT command. When using the Web Filter authentication features any token / credentials is transmitted in clear-text via the network.



This thread was automatically locked due to age.
Parents
  • 0

    Your question is confusing.

    I think you are referring to the URL used to retrieve the Proxy Configuration Script from an internal webserver, prior to connecting to an external web server using Standard Mode web filter and that proxy script.   (The source can be UTM but can be any internal webserver).   The internal webserver would typically be chosen to use either no authentication or NTLM transparent authentication.   Either way, there should be no clear-text password transmission.    If your proxy script webserver currently requests authentication using basic mode, you should change your webserver configuration.

    It may be possible to retrieve a proxy script using an HTTPS URL.   I do not think I have tried, and I do not see any reason to do so, as it will add unwanted overhead.

    Other than retrieving the proxy script, the protocol (http or https) is determined by the site that you are trying to reach.  This is the case for either Standard Mode or Transparent Mode.

  • 0 in reply to DouglasFoster

     

    Thanks for your fast reply and sorry for not being so clear.

     

    The "regular" workflow of a Proxy communication between a client and the target is

    1. Client -- CONNECT <URL> --> <Sophos>:8080 ---> <Host of URL>

    2. Client --> <Host of Url> (via Sophos:8080)

    3 ..

    My question was about the transport security security of the first "CONNECT" request. As you can see from the wireshark screenshot, the traffic is not encrypted and I cannot find an option in the Sophos UTM to encrypt this communication between the client and sophos:8080

     

    I hope this helps for your understanding.

Reply
  • 0 in reply to DouglasFoster

     

    Thanks for your fast reply and sorry for not being so clear.

     

    The "regular" workflow of a Proxy communication between a client and the target is

    1. Client -- CONNECT <URL> --> <Sophos>:8080 ---> <Host of URL>

    2. Client --> <Host of Url> (via Sophos:8080)

    3 ..

    My question was about the transport security security of the first "CONNECT" request. As you can see from the wireshark screenshot, the traffic is not encrypted and I cannot find an option in the Sophos UTM to encrypt this communication between the client and sophos:8080

     

    I hope this helps for your understanding.

Children
  • 0 in reply to Seb Sch

    Hi and welcome to the UTM Community!

    You're correct, there is no such option.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Unfiltered HTML