Ipfire proxy (non transparant) antivirus https

Hi all,

I have configure the proxy server. (non transparent proxy) now when i download a test virus from a http link it is scanned and blocks the file. When i download the file from https it does not scan the file and does not block the file.

How could i resolve this, and let it also scan https?

I think you have also activated clamav.
Squid (and the helpers squidclamav, URLFilter, … ) cannot analyse the content of encrypted data packets which flow in HTTPS connections ( see man-in-the-middle ).
These attacks can be detected at the endpoint of the HTTPS connection only, the client in the local net.


Indeed clamav is activated and squid also. How can i accomplish this setup? so that it can scan https traffic?

sorry i now know what you mean. It can not be scanned only by antivirus on the client.

It is not possible without breaking https totaly and we not support this.

1 Like

Hi all,

i think Squid can in general not analyse any content since it provides only a URL-filter not a
content-filter but with this, URLs also HTTPS ones can be filtered (NON-transparent)…

Just a beneath one :slightly_smiling_face: .



1 Like

chris asked about blocking viruses.
This can be only done by analysing the content. Thus my answer.

1 Like

OK i see .