When a user attempts to browse to an HTTPS site that has been blocked, instead of receiving the GFI WebMonitor's blocking page or message that states 'Blocked: You have been blocked from downloading this file since it breaches a security policy...' they receive one of the following standard messages:
The page cannot be displayed
Certificate-Based Authentication Failed
There is a problem with this website's security certificate
- GFI WebMonitor
- GFI Cloud Web Protection
With HTTPS Inspection disabled GFI WebMonitor can block HTTPS connections upon the first attempt to connect. However, once a link to the destination web server is established, any pages or files downloaded through that connection cannot be monitored, scanned, or blocked. One of the side effects of this is that when a connection to an HTTPS site is blocked, the users will not be presented with the WebMonitor blocking page/message.
This is expected behavior when the HTTP Inspection is not enabled. For the user to see the blocking page or message, you should enable HTTPS Inspection in the Stand-alone Proxy version, or allow Outgoing HTTPS Packet Inspection in TMG.
Note: ISA Server does not support this feature.