Block specific url doesn´t work

Forum|Forum|10 years ago
April 11, 2016
3 replies
12474 views

Hi,

We have a Fortigate 800C and we have a problem with one url that we can´t block. The url is musicmp3.ru

I put the URL on the Web Filter Profile that belong the user, with the action BLOCK but for some reason this specific URL doesn't´t work.

Please your help.

Best regards,

Lester Mendoza

1.JPG

jmmille

New Member

Be sure that's the Web Filter policy attached to your Network Policies.

Otherwise, you might want to try a wildcard as well *.musicmp3.ru

llmendozAuthor

New Member

Thanks jmmille.

I double check and is on network policies, in fact I have another's block pages that works fine.

I test put as a Wildcard but is the same result.

JohnAgora

New Member

Can you double check the traffic is going inside that policy?

diagnose debug flow filter src <srcip>

diagnose debug flow trace start 20

memoarp

New Member

We had the same problem with mixcloud.com. We solved it by activating the SSL/SSH Inspection under the IPv4 policies. Apparently websites that are https certificated are not filtered by the webprofile unles the SSL inspection is activated. **Edit. We tried to block the website from the WebFilter by using the wildcards and even IP address to no avail. The only way for us to make it work was a combination of Webfilter + SSL/SSH inspection since the url is https://www.mixcloud.com

This has a consecuence: some safe websites could be blocked and they have to be manually set as SAFE on the web URL filter. This alone did not work: (Step1) Step 2. Activate SSL/SSH

... on a side note. What if a malicious website identifies itself as https? Could this be back door for an attack?

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded