@davea0511 I’m not sure that the MAC address will change just by unplugging and plugging back in. I think the MAC address is hard coded by the manufacturer. That’s why you can look up the manufacturer by MAC address. However, MAC address can be spoofed by software. For MAC address based filtering to work, the anonymous group should have the lowest privilege. You elevate privileges by adding specific MAC addresses to more privileged groups (or profiles in our vocabulary). So if someone spoofs a MAC address, more likely they’ll fall back to a less privileged group.
For HTTPS, we can whitelist/blacklist domains and subdomains, e.g., blogger.com can be blacklisted but myblog.blogger.com can be whitelisted. But we can not tell the path, i.e., distinguish between https://blogger.com/ and https://blogger.com/good-article.
