Blog

Posted April 29, 2017

Gently Blocking HTTPS Sites

Share:

LinkedIn Icon
Scary for Users. Workload for Help Desks.

Users on networks with DNS-based filters blocked HTTPS sites ends up being shown a scary HTTPS certificate broken warning by the browser. This happens because the block page (hosted by the Cloud DNS provider such as Rawstream) does not have a valid SSL certificate for the blocked domain. The browser assumes that there is an evil hacker at work trying to intercept accept access to the domain.

This is alarming for users and generates needless tech support calls to helpdesk.

NXDomain it instead.

We cannot get around the problem of not having SSL certificates, but we can do something about the scary browser warning page. From today, when a user attempts to access a blocked HTTPS page they will get an NXDOMAIN error instead of being directed to our block page.

NXDOMAIN means domain does not exist – an error which the browsers can understand and does not result in showing scary alerts

This is a small change, but one we hope helps IT admins and improves the experience of end-users.

About Author

By Rawpress

Share:

LinkedIn Icon

Lorem ipsum dolor sit amet, consectetur adipiscing elit. Nunc sagittis porttitor felis sit amet vitae elit fermentum. Quisque vitae elit orci. Proin at mi efficitur, venenatis massa sed, porta nisi. In lobortis est et velit vehicula, nec dictum. Proin at mi efficitur...

Agent

Track Desktop Applications

Content filtering products limit themselves to reporting websites browsed....

April 9, 2021
By Rawpress
News

Product Name Update

The Rawstream Web Filtering agent provides web security and filtering on end-point...

April 15, 2019
By Rawpress
DNS

Blocking Zoom

Rawstream Network Security is a powerful DNS-based filter for network-wide security...

April 15, 2020
By Rawpress