Author Topic: Blacklist and Remote ACL not working  (Read 2641 times)

M@rch0n

« on: March 13, 2019, 07:25:11 pm »
Hello,

I have OPNsense 19.1.1 with Basic Proxy and no authentication.

I tried to block Facebook through the conventional GUI blacklists in "Services > Web Proxy > Administration > Access Control List", but even after adding .facebook.com, ".facebook.com", facebook.com and "facebook.com", access is still allowed by the proxy. My ACL whitelist is empty.

Looking at the configuration file "/usr/local/etc/squid/squid.conf" from the CLI/bash, it was as below:
# ACL - Blacklist - User defined (blackList)
acl blackList url_regex \.facebook\.com
acl blackList url_regex  "\.facebook\.com"
acl blackList url_regex facebook\.com
acl blackList url_regex "facebook\.com"

And I see in the logs the access being allowed:
192.168.10.254 TCP_TUNNEL/200 370105 CONNECT www.facebook.com:443 - HIER_DIRECT/185.60.219.35 -

So I also added Remote ACL UT1 and selected only porn and social_network and I still see the access being allowed by the Proxy.

Log access
1552499817.222 28   192.168.10.254 TCP_TUNNEL/200 39 CONNECT staticxx.facebook.com:443 - HIER_DIRECT/185.60.219.16 -
1552499817.222 32   192.168.10.254 TCP_TUNNEL/200 39 CONNECT staticxx.facebook.com:443 - HIER_DIRECT/185.60.219.16 -
1552498763.181 270673   192.168.10.254 TCP_TUNNEL/200 249290 CONNECT www.facebook.com:443 - HIER_DIRECT/185.60.219.35 -
1552498744.174 248720   192.168.10.254 TCP_TUNNEL/200 1740 CONNECT facebook.com:443 - HIER_DIRECT/185.60.219.35 -

I checked the /usr/local/etc/squid/acl/UT1 file and it contains 1,968,784 lines, 494 of them with facebook, and even then access is allowed.

# wc -l /usr/local/etc/squid/acl/UT1
1968784 /usr/local/etc/squid/acl/UT1

# grep facebook /usr/local/etc/squid/acl/UT1 | wc -l
494

Is there something I'm doing wrong?

Thanks
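
A check of the post's unquoted patterns against the CONNECT targets in its access.log lines, added here as an example (not code from the original post or from the OPNsense project). It assumes Squid's native log format and that url_regex is evaluated against the host:port string logged for CONNECT; the function names are hypothetical and the example.org line is constructed.

```python
import re

# Unquoted url_regex patterns from the post's squid.conf.
BLACKLIST = [r"\.facebook\.com", r"facebook\.com"]

# access.log lines copied from the post; the last line is constructed.
LOG = """\
1552499817.222 28   192.168.10.254 TCP_TUNNEL/200 39 CONNECT staticxx.facebook.com:443 - HIER_DIRECT/185.60.219.16 -
1552498763.181 270673   192.168.10.254 TCP_TUNNEL/200 249290 CONNECT www.facebook.com:443 - HIER_DIRECT/185.60.219.35 -
1552498744.174 248720   192.168.10.254 TCP_TUNNEL/200 1740 CONNECT facebook.com:443 - HIER_DIRECT/185.60.219.35 -
1552498700.000 120   192.168.10.254 TCP_TUNNEL/200 512 CONNECT example.org:443 - HIER_DIRECT/192.0.2.10 -
"""

def parse_line(line):
    """Split one native-format access.log line into the fields used here."""
    f = line.split()
    if len(f) < 10:          # truncated or non-native line: skip it
        return None
    result, _, status = f[3].partition("/")
    return {"ts": float(f[0]), "client": f[2], "result": result,
            "status": status, "method": f[5], "url": f[6]}

def matching_patterns(url, patterns=BLACKLIST):
    """Patterns that match the logged URL (case-sensitive, unanchored search)."""
    return [p for p in patterns if re.search(p, url)]

def allowed_despite_blacklist(log_text, patterns=BLACKLIST):
    """Requests that were served although a blacklist pattern matches the URL."""
    hits = []
    for line in log_text.splitlines():
        entry = parse_line(line)
        if entry is None:
            continue
        matched = matching_patterns(entry["url"], patterns)
        if matched and not entry["result"].endswith("DENIED"):
            hits.append((entry["url"], entry["result"], matched))
    return hits

if __name__ == "__main__":
    for url, result, matched in allowed_despite_blacklist(LOG):
        print(f"{url:28} {result:11} matches {matched}")
```

The bare `facebook.com:443` target matches only `facebook\.com`, because `\.facebook\.com` requires a dot before the name.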