Exclude Domains from HTTPS Filtering¶
If you need to add exclusions from HTTPS filtering, click the UI / Squid Proxy / Exclusions add as many exclusions as desired. Please note, these exclusions work only when browsers are configured to use Squid proxy explicitly. If you have an invisible intercept proxy then these exclusions need to be managed by your firewall. The following screenshot shows default exclusions of the application.
The following exclusion types are supported:
Exclusion by remote domain name
Exclusion by IP address, subnet or IP range of the remote domain
Exclusion by IP address, subnet or IP range of the proxy user
Exclusion by time schedule and browser user agent
Exclusion by assigned categories of a domain name
The last type of exclusions is very useful to automatically exclude financial institutions and government sites from HTTPS inspection and SSL filtering. The following screenshot shows default excluded categories.