hello, I need help blocking .exe, .zip, .rar and etc downloads on https sites!
This is my first post on the forum, I thank the patience
You should search and read first before you made your first post.
I did not find anything relevant, can you help me please
Not possible unless you own all the client devices and install MITM root certs.
That is what I thought too, but this site claims otherwise.. I haven’t tested their claims though.
https://www.timigate.com/2016/01/stop-downloads-and-punish-offenders.html
Layer7 filter only works if Layer7 is not encrypted. With https, the request text is already encrypted and, as @R1CH wrote, unless you install MITM certs that request text is unreadable for router. Hence the filter will not be effective.
Indeed. That is why I commented on the article. 
But then again, the article is two years old and back then, not everybody used free SSL certificates from LetsEncrypt … therefore probability of filtering some traffice was slightly higher than nowadays.
Comments were from last week though 
Those rules would work if it is mixed content. The calls are then made to a non TLS site.