Block downloading of exe files over http & https

desiwizard · May 5, 2015, 12:12pm

I have been trying to block downloading of exe files, through firewall or layer 7. The rule does block http protocol but none of the rule is able to block downloading if I use https in address bar

example //

"http://files.avast.com/iavs9x/avast_free_antivirus_setup_online.exe " gets blocked

https://files.avast.com/iavs9x/avast_free_antivirus_setup_online.exe is not getting blocked

Can someone please guide to block on both protocols.

Thank You

boen_robot · May 5, 2015, 1:05pm

By design, you can’t inspect the contents of HTTPS requests and responses. The URL and MIME type are both part of the contents. => There’s nothing you can do about this, short of blocking all HTTPS connections to a particular IP.

Uqbar · May 5, 2015, 2:15pm

An HTTP proxy can do it, but I haven’t set it up yet.
Try give it a read on http://wiki.mikrotik.com/wiki/Manual:IP/Proxy

desiwizard · May 6, 2015, 9:20am

I had tried by using webproxy but that does not work.

Thanks anyway