Troubleshooting Tip: Legitimate website is blocked by FortiGuard Intrusion Prevention, categorized as 'Unrated'

When a legitimate website is blocked due to being categorized as 'Unrated' by FortiGuard Intrusion Prevention (see attachment), follow these steps:

1. Verify if the URL has been categorized by FortiGuard Labs by visiting https://www.fortiguard.com/webfilter.
2. If FortiGuard Labs categorizes the URL as 'Not Rated,' create a static URL filter for the legitimate site with the action set to 'Exempt' instead of 'Allow', and select 'Wildcard' as the Type. This web filter configuration with the firewall policy ensures the website can be accessed without further issues:

3. Submit a web form to reclassify the website or domain mistakenly categorized under the web filter. Refer to Technical Tip: How to request a category change for a website or domain incorrectly listed under the Web filter.

Note: A URL is detected as a 'Newly Observed Domain' (NOD) if the domain name does not exist in the database and the URL is observed for the first time by the FortiGuard Distribution Servers(FDN) or FortiGuard server. The URL will then remain in this category for 30 minutes during which it is scanned for malicious content. If there is no malicious content found, the category for the URL changes to 'Not Rated'.

These 'Not Rated' domains will then be queued for review based on the visit counts. The duration depends on how popular the 'Unrated' websites are and how long the 'Unrated' queue is.