[clamav-users] Squid + ClamAV
Henrik K
hege at hege.li
Thu Apr 2 06:45:32 UTC 2020
On Thu, Apr 02, 2020 at 08:14:21AM +0200, Andrea Venturoli via clamav-users wrote:
> On 2020-04-01 19:38, Henrik K wrote:
>
> >> But pretty much all
> >> websites are SSL encrypted these days, so there's nothing to scan
> >> unless you do nasty man-in-the-middle decryption. Everyone has virus
> >> scanners on their PC, browsers have all sorts of proctection etc.
> >> The days of proxy scanning are long gone, it's just categorizing and
> >> blacklisting urls these days..
>
> Well, you'll need MITM anyway if you want to see HTTPS URLs and be able to
> blacklist them.
There's always the request hostname which can be used.. for many
organizations that's enough to filter.
More information about the clamav-users
mailing list