Block Facebook using Squid at office

Many weeks ago, almost all people working at office with me stuck at Facebook! They were working on it for hours every day. I do not understand that at all (I don’t see any thing attractive in Facebook, I don’t have a Facebook account yet!). We tried everything to change this bad habit with no luck.

Because I am the Technical Manager at my Company, I have access to all computers and equipments. So I use the extreme solution and block Facebook! I searched the Internet for about 2 days about an easy solution or a free firewall to block websites, but I find nothing. So I decided to do it my way. So if you see that you have a hopeless case at you work like me, here is how I blocked Facebook:

ADSL Router Configuration

In our office we have an ADSL Router which is our connector to the Internet. This router and all our computers are connected through a switch. Our ISP already has a Proxy and all requests at port 80 is redirected to it. Fortunately, Facebook is forbidden at this proxy! so how can my employees open it? I discovered that all my employees have proxies with different ports, so they can bypass ISP Proxy which is filtering port 80 only (no proxy requests).

Now my first challenge is: how can I stop all these proxies? and force all people to use ISP Proxy? The easy way is to close all other proxies ports (normally 3128, 8080). But there is some proxies working on other ports like 808, so you must block all possible ports.

From the web interface of my router I added some rules to block all ports above 80 for all computers (except SQL port and Remote Access port).

Squid Proxy

I thought that my problem is solved and that is right, because now my employees can’t open Facebook but that was wrong!. My problem is just began, unfortunately our ISP proxy blocks many websites not only Facebook. So how can we open these websites now?

Read the rest of this entry »