Re: [squid-users] "Access denied" pages for HTTPS requests

From: Chad Naugle <>
Date: Mon, 15 Nov 2010 10:31:20 -0500

This is a Internet Explorer setting under "Internet Options -> Advanced
-> Browsing" called "Show Friendly HTTP Error messages", disable this to
get the real error messages.

ALSO, if you are trying to simply block facebook, create a dstdomain
ACL instead, and don't forget to include

Chad E. Naugle
Tech Support II, x. 7981
Travel Impressions, Ltd.

>>> "Vonlanthen, Elmar" <>
11/15/2010 10:23 AM >>>
Hello all

I have the following setup:

- Windows client with Internet Explorer and configured squid proxy for
- Squid 3.1.8 as proxy
- Squid access rule:
  acl facebook url_regex
  http_access deny facebook

If the client is trying to connect to, the IE
cannot display the squid "access denied" page (IE displays the default
message "Cannot display the website"). It makes sense, because squid
cannot send the error page back via HTTP, if the client is sending a
CONNECT request.

But is there any possiblility to do this anyway?

I did some tests with ssl_bump, deny_info, url_rewrite but wasn't
successful. I wonder if I am the only person with this problem.

Any ideas?

Thanks for any help.

Best regards

Travel Impressions made the following annotations
"This message and any attachments are solely for the intended recipient
and may contain confidential or privileged information. If you are not
the intended recipient, any disclosure, copying, use, or distribution of
the information included in this message and any attachments is
prohibited. If you have received this communication in error, please
notify us by reply e-mail and immediately and permanently delete this
message and any attachments.
Thank you."
Received on Mon Nov 15 2010 - 15:31:38 MST

This archive was generated by hypermail 2.2.0 : Mon Nov 15 2010 - 12:00:02 MST