| Author |
Message |
Just_Guessing
Guest
|
 Posted:
Tue Dec 06, 2005 5:21 pm Post subject:
Using advproxy and ipcop to restrict web sites based on Wind |
|
|
I am using Advproxy and IPCOP to restrict web access based on the
users' Windows login. The only problem I have is that certain sites
link to other "banned" sites and these sites trigger the username and
password prompt - even though the user is not going to that site. So
users think they are blocked from sites they aren't blocked from. If
the user cancels the prompt he can enter the site, but this is annoying
Is there any way to stop this from happening? Is there any way to use
wildcard charactors to allow or maybe ignore these linked sites? |
|
| Back to top |
|
 |
Guest
|
| Posted:
Wed Dec 07, 2005 4:40 am Post subject:
Re: Using advproxy and ipcop to restrict web sites based on |
|
|
Just_Guessing <allanf123@gmail.com> wrote:
| Quote: | I am using Advproxy and IPCOP to restrict web access based on the
users' Windows login. The only problem I have is that certain sites
link to other "banned" sites and these sites trigger the username and
password prompt - even though the user is not going to that site. So
users think they are blocked from sites they aren't blocked from. If
the user cancels the prompt he can enter the site, but this is annoying
Is there any way to stop this from happening? Is there any way to use
wildcard charactors to allow or maybe ignore these linked sites?
|
Well, if the point of Advproxy is to pop up a prompt when people go to
forbidden sites, no, that cannot be done without overhauling Advproxy.
It might be a better design to use one 'public' proxy that will simply
drop all traffic to sites that are not publicly accessible, and one
'priviliged' proxy that requires a password for everything, but once
that is provided pass everything.
That being said, I know zip about Advproxy...
Joachim |
|
| Back to top |
|
|
Just_Guessing
Guest
|
| Posted:
Thu Dec 08, 2005 8:41 am Post subject:
Re: Using advproxy and ipcop to restrict web sites based on |
|
|
All I want to do is restrict users to a list of "approved" sites (about
a dozen sites). Advproxy blocks these sites, but gives the user an
opportunity to enter their Windows credentials - a "second chance" I
guess. How would you do this with any other web proxy? I would think
this is a problem with ANY proxy software. |
|
| Back to top |
|
|
Guest
|
| Posted:
Thu Dec 08, 2005 9:22 am Post subject:
Re: Using advproxy and ipcop to restrict web sites based on |
|
|
Just_Guessing <allanf123@gmail.com> wrote:
| Quote: | All I want to do is restrict users to a list of "approved" sites (about
a dozen sites). Advproxy blocks these sites, but gives the user an
opportunity to enter their Windows credentials - a "second chance" I
guess. How would you do this with any other web proxy? I would think
this is a problem with ANY proxy software.
|
I think you mean 'blocks other sites', no?
Either way, this is a *very* bad design. It encourages people to give
out sensitive passwords to a device they cannot distinguish from a web
site. Luring people to a website that also pops up an authentication
dialog would yield a very large number of usernames/passwords.
I'd heartily recommend you to go with my public/priviliged proxy
proposal, in my last post, which should be doable with pretty much any
proxy server. Just run two instances...
Joachim |
|
| Back to top |
|
|
Just_Guessing
Guest
|
| Posted:
Tue Dec 13, 2005 5:21 pm Post subject:
Re: Using advproxy and ipcop to restrict web sites based on |
|
|
Thanks for responding. The reason why advproxy is prompting the users
is because linked components of the web site are directing them to
"banned" sites not on the list. Typically users do not get a prompt at
all unless they're going to banned sites. I may want my users to go to
microsoft.com, but I don't want them to go to msn.com. Users can get
to the approved web site if they cancel the username/password prompt.
Components of the web page may not show, but that's okay. Your
solution is all or nothing. I'm trying to intelligently filter where
the user can go - even when they get into "approved" sites. |
|
| Back to top |
|
|
|
|
|
|
FAQ
Memberlist
Register
Profile
Log in to check your private messages
Log in