In this article I want to show on how to block Facebook using Mikrotik in three steps. We will use Web Proxy feature included in Mikrotik. We assume the LAN (Local Area Network) address is 192.168.56.0/24 and the IP address of ‘ether1’ which facing to the LAN is 192.168.56.254.
Here are the three steps:
1. Enable Web Proxy
We enable this web proxy without cache on disk.
ip proxy set enabled=yes port=8080 cache-on-disk=no
2. Add proxy access rules
In this step we define which website we want to block. In this case, we want to block Facebook. Remember that Facebook has many sub-domains so we have to block all that sub-domains.
ip proxy access add src-address=192.168.56.0/24 dst-host=*.facebook.com action=deny
The ‘*.facebook.com’ value means all sub-domains of facebook.com.
3. Enable the transparent proxy
In this step we have to redirect all web access to facebook.com coming from the LAN to the web proxy.
ip firewall nat add chain=dstnat in-interface=ether1 dst-port=80 protocol=tcp action=redirect to-ports=8080
That’s all. You can add as many websites that you want to block as described in step 2.
thank’s for the tutorial …it works on my network
There is an issue with this solution: if users type https://facebook.com they will not be blocked by the Proxy, because no proxy seems to block the HTTPS port. Does anybody found a solution for this yet? I have tried everything from blocking the 443 (HTTPS) port either in the Proxy or by creating firewall rules but nothing seems to work.
thank you very much is this your article, very helping me in finishing my job
there is the way to block facebook from your local network through mikrotik, i did this and it works. just follow the instruction from this website.
good luck
i blocked website with web proxy,problem is,it is taking more Bandwidth from ISP server.
Also on the subject of blocking social media apps on the enterprise network, here's a helpful resource. It's a whitepaper called “To Block or Not. Is that the question?”
http://bit.ly/9f8WOT
It has lots of insightful and useful information about identifying and controlling Enterprise 2.0 apps (Facebook, Twitter, Skype, SharePoint, etc.)
Share it with the IT Dept.