No idea if this is right place to ask.
In my country, by law, all ISPs are required to block certain websites. People can not access such sites. But, through proxy websites every one can access blocked websites. I guess the flow is My PC ---> My ISP ---> Proxy ---> Website and then it returns back the same path.
If all the Internet resources are requested through the ISP, then why can't they detect a disallowed website being requested via a proxy site?
If all the Internet resources are requested through the ISP, then why can't they detect a disallowed website being requested via a proxy site?
The only way to make sure that the ISP really can't detect what is being requested is by using encryption. You need either an encrypted connection to the other endpoint, or at least to the proxy.
Everything else they might detect, depending upon how sophisticated their equipment is and how motivated they are.
ISPs handle large volumes of traffic so there is a limit to the amount of analysis that can be done. All the legally required filters I'm aware of are domain blacklists. The ISP blocks all access to those domains, and does not generally look any deeper into your traffic. This is why sites like "pirateproxy.se" can trivially bypass the blacklist (at least, until that site gets blacklisted too).
The way this is usually done is through a transparent proxy. Some ISPs use their transparent proxy for all HTTP traffic, so implementing a domain blacklist is a relatively simple configuration on that proxy. If ISPs do not, what usually happens is there is an IP address "grey list" derived from the domain blacklist. Any request to an IP address on that list is directed to the transparent proxy, and then either blocked or allowed based on the target domain.
The ISPs could in theory do deeper inspection of your traffic. However, they are not likely to actually do this unless forced by legislation.
