Vision
Products
- OLFEO SSE
  SWG
  Web security made easy
  DNS
  Security through DNS filtering
  CASB
  The Cloud Access Security Broker for securing the use of SaaS applications
  Log Connector
  Integrate Olfeo with your SIEM or XDR solutions
- OLFEO ON-PREMISE
  Secure Web Gateway
  The highest level of web security within your IT perimeter
  DNS Filtering
  Olfeo web security for unmanaged devices and workstations
- OLFEO AWARENESS
  Awareness
  The e-learning solution to raise your employees' awareness of cyber risks
- OLFEO DATABASE
  URL
  Olfeo's white label URL database
  SaaS Application
  Olfeo's white-label SaaS application database
Solutions
- BY BUSINESS SECTOR
  Local authorities
  Town halls, intermunicipal authorities, communities of municipalities
  Health
  Hospitals, clinics, university centers
  Education
  Elementary schools, middle schools, high schools, universities
  OIV, EE, and EI
  Operators of Vital Importance, Essential Entities, and Important Entities
- BY USE CASE
  Web filtering in the workplace: protection, productivity, and compliance
  Everything you need to know about Secure Web Gateway
  Understanding Security Service Edge (SSE)
  Never without my Proxy: the love story of Firewalls and Proxies in business
  What is URL filtering?
  Shadow IT: the hidden side of your internal infrastructure
  Understanding Zero Trust Network Access (ZTNA)
Resources
- RESOURCES
  White papers
  Olfeo expertise for everyone.
  Videos
  Check out the videos and tutorials
- BLOG
  News
  News, tutorials, and opinions
  Podcasts
  Listen to cyber news and issues by Olfeo
- TESTIMONIALS
  Val d'Oise Department Poitiers University Hospital Roederer Champagnes Carcassonne Town Hall Greater Cognac Area
- GLOSSARY
  We break down cyber terms for you
Partners
- PARTNERS
- Become a partner
  Find out how to join the Olfeo partner network
- Technology alliances
  Find Olfeo's partners and technology integrations
Support
- Support
  Your access to Olfeo teams
- Technical documentation
  See all our documentation and release notes for our products
- Knowledge base
  Discover our technical articles and Olfeo knowledge bases
- Classification request
  Contact Olfeo to add an unknown URL to the filter database.

Ekinops Contact us

▶ BLOG

KB No. 1962: AUTHENTICATION POP-UP ON CERTAIN WEBSITES

KB OLFEO On-Premise

November 10, 2023

Some websites open a manual identification pop-up each time you visit.

Symptom

Some websites open a manual identification pop-up each time you visit.

Background

Some sites do not use NTLM authentication, but instead use "basic" authentication. This results in a manual identification pop-up appearing each time the site is visited (Windows Update sites and certain sites using Java applets are particularly affected). To avoid this manual authentication for the user, an Olfeo filtering exception must be created on the HTTP proxy for a URL or domain.

Tests

Go to the proxy configuration menu to add ACLs:

ACLs must appear in the proxy configuration file.

vim /etc/squid3/squid3.conf

Which gives:

dstdomain: for a domain

dst: for an IP address

url_regex: for a URL

Complete list of squid directives:http://www.squid-cache.org/Doc/config/.

To test an ACL before adding it to the webadmin, you must edit the proxy configuration file.

The ACL above allows (and bypasses authentication) for requests to the test123.com domain.

squid3 -k parse -f /etc/squid3/squid3.conf

If no alerts appear for the ACL that has been added, it is possible to reload squid without having to restart it:

squid3 -k reconfigure -f /etc/squid3/squid3.conf

IMPORTANT: Theredirector_access denydirective makes all access requests to these sites transparent. There will be no trace of visits to these sites in the statistics.