I have a TP-Link TL-WR1043ND router running OpenWrt Backfire 10.03.1. I have installed Tinyproxy and can deny web requests to certain websites based on URL or regular expression. My filter file contains the following:
This blocks all Google image search results. However, it's super easy to bypass the filter by using HTTPS instead of HTTP.
I've read this question on SuperUser, which suggests to me that it is possible to block a web request using HTTPS based solely on the URL. However, adding https://www.google.com to my filter file doesn't block it at all.
I had a hunch this had something to do with the "ConnectPort" option in Tinyproxy, so I removed port 443 from the list to no effect.
I understand that HTTPS traffic is encrypted, so typically a proxy can't do anything about it. However, the Tinyproxy website clearly states that it has HTTPS support:
Tinyproxy allows forwarding of HTTPS connections without modifying traffic in any way through the CONNECT method (see the ConnectPort directive).
Unfortunately, the documentation on Tinyproxy is extremely sparse.
Manpages are the primary documentation for Tinyproxy. After installing Tinyproxy, run the following command to see its manpages:
man tinyproxy tinyproxy.conf
The Tinyproxy manpages have very little to say about the ConnectPort directive:
This option can be used to specify the ports allowed for the CONNECT method. If no ConnectPort line is found, then all ports are allowed. To disable CONNECT altogether, include a single ConnectPort line with a value of 0.
So how can I achieve what I want?
(Last edited by davidkennedy85 on 12 Jan 2013, 08:41)