Well, I know that issue very good and google is the issue since they should put their captcha on a own subdomain. Then we could effectivley allow only the access to the captcha.
Until that there is no good way to achive this. But there is a non reliable way of blocking google.com First allow the Connect method for google.com Acl CONNECT method CONNECT acl sslconnect dstdomain -i www.google.com http_access allow CONNECT sslconnect Then use an url regex and allow google.com/recaptcha This way sometimes www.google.com is blocked, sometimes not. But access to recaptcha will always work. Why we can't block it reliable? Well when browser/client wants to connect to https website then the firsr thing the browser trie is open a ssl tunnel to the FQDN As soon as the tunnel is up it will request the ressource. May it helps if you add a url regex deny between allowing the connect method and allowing the url www.google.com/recaptcha Written on my mobile.. Br, Flashdown Am 27. Juni 2017 17:07:19 MESZ schrieb "Cherukuri, Naresh" <ncheruk...@partycity.com>: >Hi Eliezer, > >We successfully blocked gmail, google images, google drive and rest all >google related. Now we allowing www.google.com and www. >google/Recaptcha. We still need to block www.google.com and just allow >www.google/recaptcha. Is there a way to do that? > >Appreciate your quick turnover! > >Thanks&Regards, >Naresh > > >-----Original Message----- >From: Eliezer Croitoru [mailto:elie...@ngtech.co.il] >Sent: Tuesday, June 27, 2017 10:16 AM >To: Cherukuri, Naresh; squid-users@lists.squid-cache.org >Subject: RE: [squid-users] Squid Version 3.5.20 > >Hey, > >I can try to help you but I do not have enough logs for it. >Also it's not so simple. >Basically you will need to block gmail and google drive themselves in >one rule that will not include other google services. > >All The Bests, >Eliezer > >---- >http://ngtech.co.il/lmgtfy/ >Linux System Administrator >Mobile: +972-5-28704261 >Email: elie...@ngtech.co.il > > >From: squid-users [mailto:squid-users-boun...@lists.squid-cache.org] On >Behalf Of Cherukuri, Naresh >Sent: Friday, June 23, 2017 23:34 >To: squid-users@lists.squid-cache.org >Subject: [squid-users] Squid Version 3.5.20 > >Hello All, > >I installed Squid version 3.5.20 on RHEL 7 and generated selfsigned CA >certificates, can you shed some light on how to "Configure regular >expression of the Google ReCaptcha URL with ACL". > >My requirement : > >This requirement is to allow Google's ReCaptcha URL (HTTPS) so >associates can successfully use ADP which now utilizes Google's >ReCaptcha which is called via an HTTPS URL, without allowing users to >access other Google-related services such as Gmail or Google Drive. > >Any ideas much appreciated! > >Thanks, >Naresh > >_______________________________________________ >squid-users mailing list >squid-users@lists.squid-cache.org >http://lists.squid-cache.org/listinfo/squid-users
_______________________________________________ squid-users mailing list squid-users@lists.squid-cache.org http://lists.squid-cache.org/listinfo/squid-users
