Skip to main content

Check out Interactive Visual Stories to gain hands-on experience with the SSE product features. Click here.

Skyhigh Security

Understand Block List and Bypass List Precedence for Non-HTTP or HTTPS Traffic

  1. Last updated
  2. Save as PDF

This topic describes how SCP applies Block List and Bypass List rules on non-redirected ports in macOS and Windows.

macOS 

When Block traffic only for the following processes setting is enabled in the Block List proxy settings, the Block List takes precedence over the Bypass List for all non-HTTP/HTTPS traffic (ports other than 80 and 443). 

The following are the scenarios observed while handling traffic on non-HTTP/HTTPS ports: 

  • Scenario 1: Blocking traffic on non-HTTP/HTTPS ports
    If a process on the Block List tries to access a bypassed domain or subnet using a non-HTTP/HTTPS port, the connection is blocked. In this case, the Block List takes precedence over the Bypass List.

  • Scenario 2: Allowing traffic on specific non-HTTP/HTTPS ports
    To allow traffic to bypassed domains or subnets on certain non-HTTP/HTTPS ports, ensure to add the ports under Proxy Servers → Specify more ports to redirect as HTTP/HTTPS. This configuration redirects the traffic through HTTP/HTTPS, applying the Bypass List rules, and continues establishing the connection.

Windows 

On Windows, the Bypass List takes precedence over the Block List. This allows traffic to bypass on a given Domain, even if the process or application is on the Block List

NOTE: To ensure consistent behavior across platforms, Skyhigh updates Windows to align with macOS, starting with the 5.x version.

  1. Back to top
  • Was this article helpful?

Recommended articles

  1. Article type
    How-to
  2. Tags
    This page has no tags.