Gently Blocking HTTPS sites

Scary for Users. Workload for Help Desks.

Users on networks with DNS-based filters blocked HTTPS sites ends up being shown a scary HTTPS certificate broken warning by the browser. This happens because the block page (hosted by the Cloud DNS provider such as Rawstream) does not have a valid SSL certificate for the blocked domain. The browser assumes that there is an evil hacker at work trying to intercept accept access to the domain.

This is alarming for users and generates needless tech support calls to helpdesk.

NXDomain---Your-Connection-is-not-private-certificate-error

 

NXDomain it instead.

We cannot get around the problem of not having SSL certificates, but we can do something about the scary browser warning page. From today, when a user attempts to access a blocked HTTPS page they will get an NXDOMAIN error instead of being directed to our block page.

NXDOMAIN means domain does not exist – an error which the browsers can understand and does not result in showing scary alerts.

This is a small change, but one we hope helps IT admins and improves the experience of end-users.

Related posts

New: Bandwidth Monitoring

Rawstream for Windows now tracks users' bandwidth usage. Reporting usage in real-time, the new Bandwidth report charts total bandwidth on a daily basis as well as the top categories for the chosen day. You can drill down further: click on a category to bring up per-user bandwidth...

Guest WiFi Analytics

Guest WiFi is widespread with literally millions of access points deployed throughout retail, hospitality, education and other industries. Knowing how many visitors connect, return visitors and similar data is valuable and there are products out there which can do this. All such products on...

How To: Custom Block Pages

Block pages are shown when an attempt is made to reach a blocked site. You can use custom block pages to show a message to users, show the organization logo and direct users to contact help desk. Rawstream block pages are completely customizable: they can contain HTML, CSS, link to external...