• 0 Votes
    10 Posts
    1k Views
    JonathanLeeJ

    Update: Set your SSH on the wpad to only allow access during business hours. This can be done with the PAM

    edit the following file

    /etc/security/time.conf

    add:

    sshd;*;*;AL0500-2300

    Meaning I can only ssh into my wpad during 5-2300.

    After that, adapt /etc/ssh/sshd_config

    Make sure your ListenAddress is the IP of the wpad, and set your AllowUsers to your login.

    Example

    # change port if needed
    Port 8085
    # ipv4 only
    AddressFamily inet
    # address of wpad
    ListenAddress 192.168.1.6
    # any device that is 192.168.1.X
    AllowUsers Jonathan@192.168.1.*

    Change

    # no ssh login for root
    PermitRootLogin no
    # turn on pam for use with time restrictions
    UsePAM yes

    After that, adapt
    /etc/passwd

    For added security, also change your login to use the shell rbash and lock down the wpad.

    Also, if you use ipv6 and ipv4 you will have a race condition and sshd will not start on reboots, so you must also adapt:

    sudo -i systemctl edit --full sshd.service

    Under [Unit] add

    Requires=network-online.target
    After=network-online.target

    This will only start sshd once the network target is running, in my example 192.168.1.6. I also have ipv6 running, so it would cause issues unless I changed this. If you do not use ipv4, forget about this.
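
    Added example (not part of JonathanLeeJ's post): a small Python evaluator for the times field of a time.conf rule such as the `sshd;*;*;AL0500-2300` line above, useful for checking what a rule admits before relying on it. The function names are hypothetical; it handles only `|` lists and exact or `*` service/user fields, and the window-boundary handling is an assumption of this sketch.

```python
from datetime import datetime

# Two-letter day codes from time.conf(5); the bit values are this example's own.
DAY_BITS = {"Mo": 1, "Tu": 2, "We": 4, "Th": 8, "Fr": 16, "Sa": 32, "Su": 64,
            "Wk": 31, "Wd": 96, "Al": 127}

def parse_entry(entry):
    """Split one entry such as 'AL0500-2300' into (negate, day_mask, start, end)."""
    negate = entry.startswith("!")
    body = entry.lstrip("!")
    i, mask = 0, 0
    while i + 1 < len(body) and body[i].isalpha():
        code = body[i].upper() + body[i + 1].lower()   # 'AL' is read as 'Al'
        if code not in DAY_BITS:
            raise ValueError(f"bad day code {body[i:i + 2]!r}")
        mask ^= DAY_BITS[code]      # repeated days toggle off: 'AlFr' = all but Friday
        i += 2
    start, _, end = body[i:].partition("-")
    if not (len(start) == len(end) == 4 and (start + end).isdigit()):
        raise ValueError(f"bad time range {body[i:]!r}")
    return negate, mask, int(start), int(end)

def entry_matches(entry, when):
    """True if datetime `when` falls inside the entry's day/time window."""
    negate, mask, start, end = parse_entry(entry)
    today = 1 << when.weekday()                  # Monday is bit 0
    hhmm = when.hour * 100 + when.minute
    if start < end:                              # same-day window, end exclusive (assumed)
        hit = bool(mask & today) and start <= hhmm < end
    else:                                        # finish < start: runs into the next day
        yesterday = 1 << ((when.weekday() - 1) % 7)
        hit = (bool(mask & today) and hhmm >= start) or \
              (bool(mask & yesterday) and hhmm <= end)
    return hit != negate

def login_allowed(rule, service, user, when):
    """Apply one 'services;ttys;users;times' rule; the tty field is ignored here."""
    svc, _tty, users, times = rule.split(";")
    if svc not in ("*", service) or users not in ("*", user):
        return True                              # rule does not apply to this login
    return any(entry_matches(e, when) for e in times.split("|"))
```

    pam_time only enforces the rule when pam_time.so is listed as an account module in the PAM stack for sshd, and the check runs at login, so a session that is already open is not closed when the window ends.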

  • DHCP Option 252, Option 42 Questions

    DHCP and DNS
    5
    0 Votes
    5 Posts
    1k Views
    P

    @JonathanLee sorry if I wasn't clear. No, one URL should be enough

  • 0 Votes
    6 Posts
    2k Views
    DaddyGoD

    @High_Voltage said in Web gui, ssl/https connectivity, squid, and wpad:

    just took me a bit to realize I was having a moment of brain dead, THANK YOU ALL! - THX 😉

    BTW:
    If you want to perform a serious Squid + SquidGuard installation,
    I have an acquaintance here on the forum and I can bring you together with him...☺