Jul 21

Block https web traffic using ZeroShell proxy

This time I’m going to demonstrate about how to block https web traffic using ZeroShell proxy.  As POC I’s going to block https://www.facebook.com here. This was done under ZeroShell version 3.3.2 which is most recent version at the time I’m writing.

1) Open firewall menu from web GUI


2) Add new rule to the “FORWARD” chain.


Zeroshell new firewall rule


3) Configure the https blocking rule from “Rule Config” sub windows.

Following parameters are important.

Input :- ETH03 (my LAN Port, change this according to your environment)
Source IP :- ip or rang of ip which this rule is going to apply
Protocol Matching :- TCP
Dest. port :- 443 (https port)
IPTABLES Parameters :- -m string –algo kmp –string facebook.com (most important configuration)

zeroshell iptable rule

4) Make sure you have ticked the “Active” to above rule.

this method works perfectly for any https enable web site.


  1. meg

    Hi ! I want to make the action drop. i tried but didn’t work for me, is their a way to do it? TIA :)

    I am new to ZS. :)

  2. Luis Franco

    That solution doesn’t work for me :'(

    1. admin

      ZeroShell has limited features. why don’t you try SOPHOS free tools .
      Sophos XG Firewall (home edition) is capable to filter https traffic as well. :-)

Leave Your Thought Here