Skip to main content
AnotherName
AnotherName
New Member
October 8, 2019
Question

Adding mulitple website URL's to web rating overrides.

  • October 8, 2019
  • 3 replies
  • 14191 views

Hi all, is there any way to add multiple urls into a white list on the Fortigate 301e? At the moment I add individual url's in via Web Rating Overrides, but we have a list of about 900 urls to whitelist for a video site which has educational video's on it. We want only access to these specific video's but not the rest of the site. The company who has the video's gave us a white list for just their specific video's and player. Is there any way of adding all these video's in one go? Thanks.

    3 replies

    Toshi_Esumi
    SuperUser
    Toshi_Esumi
    SuperUser
    October 8, 2019

    You need to use Static URL Filtering instead of category overrides. Category rating is based on the site/host, or IP. It wouldn't look for the path and file name, etc. See the manual for Static URL Filter.

    https://help.fortinet.com/fos60hlp/60/Content/FortiOS/fortigate-security-profiles/Web_Filter/Static%20URL%20Filter.htm?Highlight=static%20url%20filter

     

    AnotherName
    AnotherNameAuthor
    New Member
    October 10, 2019

    Thanks for the reply. Found out there is a url to ratings converter in which you can paste the white list into and it creates the web ratings in which you can then paste into CLi to add the list in one go.

    iosman123
    iosman123
    New Member
    November 5, 2019

    thanks for the information...

     

    jameshopes
    jameshopes
    New Member
    July 13, 2020

    Is there any role of ISP in this matter? please help me facing same problem.

    sw2090
    SuperUser
    sw2090
    SuperUser
    July 13, 2020

    As Toshi said you cannot use a rating override for this!

     

    Rating override works only for sub|2nd-level|top-level domains and not for urls. It also supports no Wildcards!

    If you need to ilter a specific url you must use url filter. URL Filter does also support Wildcards and regular Expressions.

    If you have ssl inspection enabled on the policy this will require to also activate deep inspection in the ssl inspection profile used because certificate inspection only will render the url filter useless since ssl inspection will only see the domain (subject name or subject alternative name in certificate) then.

     

    Dave_Hall
    Dave_Hall
    New Member
    July 13, 2020

    @jameshopes

     

    To add to what Sebastian has said, URL filtering is processed from top-to-down and takes priority over local/FortiGuard ratings categorizes.   And depending on the action (Block, Allow, Monitor, Exempt) the url may be subject to further UTM rules. 

     

    Terms & ConditionsAccessibility statement