On Wed, 8 Sep 2010 18:45:41 -0700 (PDT), devlin7 <it_at_wghs.school.nz>
wrote:
> Hi,
>
> I am using SquidNT and opendns. Opendns is great but the proxy blocking
is
> a
> little behind the times [understandably]. I have noticed the proxy sites
> change daily but they all operate the same way so I have added the
> following
> to my squid.conf
>
> ######################################
> # Block Keywords
#
> #####################################
> acl keywords url_regex -i "c:\squid\etc\keywords.acl"
> http_access deny keywords
> deny_info err_keywords keywords
>
> And my keywords file looks like this:
>
> .info/browse.php
> .org/browse.php
> .eu/browse.php
> .es/browse.php
> .us/browse.php
> .nl/browse.php
> .me/browse.php
> .mobi/browse.php
> .co.cc/browse.php
> .in/browse.php
> .net/browse.php
> .cz.cc/browse.php
> .at/browse.php
> .co.tv/browse.php
> .tk/browse.php
> .us/browse.php
> .php/?i8v
> .php?u=?i8v
> /browse.php?u=
> /index.php?q=
> /index.php?sp=
>
> No lots of proxies are being blocked when students try to use them but
> there
> are other not working and I can see why
>
> For example
> http://myphproxy.com/index.php?q=aHR0cDovL3d3dy5nb29nbGUuZGUv lets me
> straight out.
>
>
> Any suggestions?
Sigh. Reason #2 for avoiding regex: People blindly cut-n-paste'ing
For example: /index.php?q= matches /index.phpq= or /index.phq= ...
not much else.
... .me/browse.php matches example.com/home/browse.php or more likely
gallery/home/browse.php
... .php/?i8v matches any URL with the string "phpi8v" anywhere in it.
... .php?u=?i8v matches any URL containing "phui8v"
If you were to match " /index\.php\?q= " you would catch just about every
PHP website with a custom search facility. It used to be used by a quite
popular plugin.
Amos
Received on Thu Sep 09 2010 - 03:35:55 MDT
This archive was generated by hypermail 2.2.0 : Thu Sep 09 2010 - 12:00:02 MDT