What is Required to Filter HTTPS?

In order to be able to filter HTTPS we need to deploy a proxy that can decrypt HTTPS connections and re-encrypt them back after filtering. One of such proxies is Squid (http://www.squid-cache.org).

Usually Squid proxy can be found in default repositories of all modern Linux versions (Ubuntu, RedHat, Debian). Unfortunately sometimes we need to recompile Squid from source as it may not contain all compiler switches required for successful HTTPS filtering.

Our installation guides for different operating systems contain everything necessary (including automation scripts) for recompilation. There is also a link to preconfigured Virtual Appliance which already includes everything required for HTTPS filtering.

Note

We now have a new project - Web Filtering Proxy for Microsoft Windows. It combines best features of Web Safety but runs natively on Windows. No need to use Hyper-V or dive into Linux specifics. You can enable proxy authentication, HTTPS decryption and filtering with several mouse clicks from Microsoft Management Console. See https://webproxy.diladele.com/.