Trying to block htpps sites

Comments

4 comments

  • Avatar
    mattwilson9090

    OpenDNS, like any other DNS based service does not know if your traffic is being sent to an HTTPS site or something else. It only knows about the domain address that is being looked up.

    You remedy this by deciding which service you want to use, OpenDNS (presumably OpenDNS Home) or LPC (Live Parental Controls) on your Netgear router. The two services will not work in conjunction, and at best will give you inconsistent results. Once you've decide that you completely disable the one you don't want to use on the router and your network, and delete all settings related to it on the appropriate dashboard (OpenDNS or Netgear).

    After that your filtering should work properly.

  • Avatar
    ewacademy

    Just for the record, we are having this issue too. As a small school, we cannot use the "free" personal account to filter our traffic, but we had an OpenDNS account for the other services offered - general DNS resolution, phishing, etc. When we upgraded our router and got Live Parental Controls, I was pretty excited, because the filter we were using prior to that could not block https traffic so I had to touch each computer individually to block sites.

    Using LPC I kept the Social Networking category unblocked in case teachers were using these sites, but added facebook.com to my blacklist. But facebook does not get blocked. Weird. When I blocked the whole Social Networking category, facebook is blocked, but some teachers lost access to networking services they normally use. So I'm now in the process of trying to identify and whitelist them.

    So I agree that LPC blacklist does not appear to block https traffic.

  • Avatar
    ewacademy

    OK, after looking at more questions here, I followed the advice of several people and deleted the previously existing "network" in my general OpenDNS account settings.

    Now my blacklist at netgear.opendns is making facebook.com resolve to a "insecure connection" so that seems to be a step in the right direction.

  • Avatar
    rotblitz (Edited )

    This message is normal when you attempt to visit a HTTPS site where the related domain is being blocked by your settings.  You will be presented with an OpenDNS certificate, not a Facebook certificate in your example, this causing browsers to raise this warning message.

    If you have the option to ignore this warning, then you will reach the OpenDNS block page.

Please sign in to leave a comment.