With all the CDNs and content being served from several locations for a single web page, for example, would it be possible to implement a maintainable whitelist in something like a proxy? Does it make sense? Or would I break half of the websites?

  • dontblink@feddit.it (OP) · 6 hours ago

    Do you think a proxy would be better in this regard compared to a firewall? I was trying to watch the logs of ufw today and see if I could do something there, but the incoming and outgoing connections are A LOT, and I would essentially like to whitelist both per domain and per IP.

    How much maintenance would this require? I wonder how often IPs change today, but with all the NAT, dynamic DNS and CDNs around, maintaining a whitelist only with IP addresses looks like a nightmare…

    Squid proxy with squidguard could be a better option than trying to work with a firewall, maybe?
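As an added example (not part of the thread), one way to make the ufw log volume mentioned above reviewable is to collapse it into distinct remote endpoints with hit counts, which also shows how many separate IPs an IP-only whitelist would need to carry. The log lines are constructed samples using documentation address ranges, and the function names are hypothetical.

```python
import re
from collections import Counter

# Constructed sample lines in the kernel-log format ufw writes (not real traffic).
SAMPLE_LOG = """\
Feb  4 10:12:01 host kernel: [UFW ALLOW] IN= OUT=eth0 SRC=192.168.1.10 DST=198.51.100.7 LEN=60 TTL=64 DF PROTO=TCP SPT=51514 DPT=443 SYN URGP=0
Feb  4 10:12:03 host kernel: [UFW ALLOW] IN= OUT=eth0 SRC=192.168.1.10 DST=198.51.100.7 LEN=60 TTL=64 DF PROTO=TCP SPT=51520 DPT=443 SYN URGP=0
Feb  4 10:12:04 host kernel: [UFW ALLOW] IN= OUT=eth0 SRC=192.168.1.10 DST=203.0.113.20 LEN=60 TTL=64 DF PROTO=TCP SPT=51522 DPT=443 SYN URGP=0
Feb  4 10:12:07 host kernel: [UFW BLOCK] IN=eth0 OUT= MAC=02:00:00:00:00:01 SRC=192.0.2.99 DST=192.168.1.10 LEN=60 TTL=52 PROTO=TCP SPT=40000 DPT=22 SYN URGP=0
Feb  4 10:12:09 host systemd[1]: Started Daily apt download activities.
"""

UFW_RE = re.compile(r"\[UFW (?P<action>[A-Z ]+)\] (?P<fields>.*)")

def parse_line(line):
    """Return (direction, action, remote_ip, proto, dest_port) or None."""
    m = UFW_RE.search(line)
    if not m:
        return None  # not a ufw entry
    fields = dict(t.split("=", 1) for t in m.group("fields").split() if "=" in t)
    # Outbound packets have an empty IN= interface; the remote end is then DST.
    outbound = fields.get("IN", "") == ""
    remote = fields.get("DST") if outbound else fields.get("SRC")
    # ICMP entries carry no DPT, so fall back to "-".
    return ("out" if outbound else "in", m.group("action"), remote,
            fields.get("PROTO", "?"), fields.get("DPT", "-"))

def summarize(log_text):
    """Count log entries per distinct (direction, action, remote, proto, port)."""
    return Counter(p for p in map(parse_line, log_text.splitlines()) if p)

def outbound_endpoints(summary):
    """Distinct outbound (ip, proto, port, hits), busiest first."""
    rows = [(ip, proto, port, n)
            for (direction, _, ip, proto, port), n in summary.items()
            if direction == "out"]
    return sorted(rows, key=lambda r: (-r[3], r[0]))

if __name__ == "__main__":
    for ip, proto, port, hits in outbound_endpoints(summarize(SAMPLE_LOG)):
        print(f"{hits:5d}  {ip}:{port}/{proto}")
```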