web filtering using Host file
- 
 @IT-ADMIN said: aahh i see what you mean Mr Scott, i should block all traffic except for outbound traffic going to my proxy server Exactly. That takes care of the general networking workaround. Now the proxy is in control of traffic and can determine where people can go. 
- 
 i just test it right now, but it has affected other ports like outlook, now i cannot sent and receive mails, 
- 
 @IT-ADMIN said: i just test it right now, but it has affected other ports like outlook, now i cannot sent and receive mails, Only block 80/443 for now. The proxy doesn't handle other protocols. 
- 
 yes, i will open all ports except 80 and 443 for all destination, and for those 2 ports i should forward them only to the proxy IP 
- 
 yes, now i understand your wise sentence, proxy by itself cannot do the job except with the collaboration of the firewall rules 
- 
 @IT-ADMIN said: yes, i will open all ports except 80 and 443 for all destination, and for those 2 ports i should forward them only to the proxy IP Exactly. 
- 
 @IT-ADMIN said: yes, now i understand your wise sentence, proxy by itself cannot do the job except with the collaboration of the firewall rules  Yes, one for the networking portion and one for the web portion. Yes, one for the networking portion and one for the web portion.
- 
 yes you are right, thank you very much for your help and willingness to share your knowledge 
- 
 @IT-ADMIN said: yes you are right, thank you very much for your help and willingness to share your knowledge Glad to help  
- 
 by doing this portable browser cannot access the web unless they enter proxy setting (of the proxy), so they will be obliged to pass through the proxy, otherwise they cannot access the web 
- 
 @IT-ADMIN said: by doing this portable browser cannot access the web unless they enter proxy setting (of the proxy), so they will be obliged to pass through the proxy, otherwise they cannot access the web Correct 
- 
 and if they don't know my proxy setting they will contact me so that i will know who try to bypass the company policies and then i will make for them a good report with the manager hhhhhh 
- 
 @IT-ADMIN said: and if they don't know my proxy setting they will contact me so that i will know who try to bypass the company policies and then i will make for them a good report with the manager hhhhhh True. Although they will probably just fall back to the company browser at that point. 
- 
 hhhhhh, but still there is a way to access facebook even with all of these precaution and setting, online proxy browser, this way you cannot do anything 
- 
 and these online proxies are many, you cannot block all of theme 
- 
 @IT-ADMIN said: hhhhhh, but still there is a way to access facebook even with all of these precaution and setting, online proxy browser, this way you cannot do anything Correct, short of whitelisting there is absolutely nothing that you can do. Which is why, at the end of the day, it's generally best to not block and let HR retain people who work well and fire those who do not. Really, at the end of the day, people will just do it from their phones if you block it. Making them even less productive. 
- 
 yes but you don't have the choice, the administration think that blocking those website they will improve productivity, and i have to make what they ask me to do, the problem here my situation will be very embarassing if the manager know that someone still have the ability to access facebook or youtube, and the worst the manager don't understand that you cannot block all online proxies, he will think that you are not sharp enough to do the job 
- 
 @IT-ADMIN said: yes but you don't have the choice, the administration think that blocking those website they will improve productivity, and i have to make what they ask me to do, the problem here my situation will be very embarassing if the manager know that someone still have the ability to access facebook or youtube, and the worst the manager don't understand that you cannot block all online proxies, he will think that you are not sharp enough to do the job Present the impossibility and all of the effort that will go into attempting to work around it OR just don't worry about it because the business isn't being rational. 
- 
 because we don't have an IT manager, so you will find difficult time trying to explain to someone (owner) who don't understand what you are talking about, he know only one thing which is doing what i want: how to do that, it is your problem 
- 
 Figuring out how to present to management is key. Put things into business terms and present the costs and trade offs and rational arguments. Don't talk tech, talk business. 

