How to block Facebook using Mikrotik

In this article I want to show on how to block Facebook using Mikrotik in three steps. We will use Web Proxy feature included in Mikrotik. We assume the LAN (Local Area Network) address is 192.168.56.0/24 and the IP address of  ‘ether1’  which facing to the LAN is 192.168.56.254.

Here are the three steps:

1. Enable Web Proxy

We enable this web proxy without cache on disk.

ip proxy set enabled=yes port=8080 cache-on-disk=no

2. Add proxy access rules

In this step we define which website we want to block. In this case, we want to block Facebook. Remember that Facebook has many sub-domains so we have to block all that sub-domains.

ip proxy access add src-address=192.168.56.0/24 dst-host=*.facebook.com action=deny

The ‘*.facebook.com’ value means all sub-domains of facebook.com.

3. Enable the transparent proxy

In this step we have to redirect all web access to facebook.com coming from the LAN to the web proxy.

ip firewall nat add chain=dstnat  in-interface=ether1 dst-port=80 protocol=tcp action=redirect to-ports=8080

That’s all. You can add as many websites that you want to block as described in step 2.

6 Comments

  1. Pankrezy

    thank’s for the tutorial …it works on my network

  2. There is an issue with this solution: if users type https://facebook.com they will not be blocked by the Proxy, because no proxy seems to block the HTTPS port. Does anybody found a solution for this yet? I have tried everything from blocking the 443 (HTTPS) port either in the Proxy or by creating firewall rules but nothing seems to work.

  3. thank you very much is this your article, very helping me in finishing my job

  4. mahdi

    there is the way to block facebook from your local network through mikrotik, i did this and it works. just follow the instruction from this website.

    good luck

  5. sohel

    i blocked website with web proxy,problem is,it is taking more Bandwidth from ISP server.

  6. Lisa Valentine

    Also on the subject of blocking social media apps on the enterprise network, here's a helpful resource. It's a whitepaper called “To Block or Not. Is that the question?”

    http://bit.ly/9f8WOT

    It has lots of insightful and useful information about identifying and controlling Enterprise 2.0 apps (Facebook, Twitter, Skype, SharePoint, etc.)

    Share it with the IT Dept.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.