Block Flash content on Squid proxy

One of the trending topic I discuss regularly with my company IT department is the need to block Flash content on our navigation proxies.

As a Security people I have no doubt about, Flash must be blocked. Period.

Because I manage some Squid proxy I made this simple and effective configuration in squid.conf file.

# Block FLASH VIDEO
acl byeflash rep_mime_type -i video/flv video/x-flv ^application/x-shockwave-flash video/f4m video/f4 ^application/.*flash.*
http_reply_access deny byeflash

I made an ACL (byeflash) that match against the mime type of the reply received from Squid proxy (see ACL documentation for more details on rep_mime_type). This is a regexp that look for some specific mime type related to Flash content to block it.

The acl is then applied to http_reply_access configuration directive (see documentation).

Restart squid and say goodbye to Flash!

Leave a Reply Cancel reply

Enter your comment here...

Fill in your details below or click an icon to log in:

Email (required) (Address never made public)

Name (required)

Website

You are commenting using your WordPress.com account. ( Log Out / Change )

You are commenting using your Google+ account. ( Log Out / Change )

You are commenting using your Twitter account. ( Log Out / Change )

You are commenting using your Facebook account. ( Log Out / Change )

Cancel

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Scubarda

from Giovanni "merlos" Mellini

Block Flash content on Squid proxy

Leave a Reply Cancel reply

Share this:

Like this:

Related

Leave a Reply Cancel reply