Web filtering fails for IP of website but DNS is blocked

Forum|Forum|6 years ago
June 17, 2019
1 reply
4636 views

Have a Fortigate setup with Deep SSL inspection with web filtering, the web filtering works if i go to https://websitegoes here.

However, if i type in the IP of that site it goes straight through, is that to be expected? how can i change this?

hubertzw

New Member

I'm not sure how effective it will be in your case but you can try: 'Rate URLs by domain and IP Address'. You can find it in the 'Web Filter' security profile, in the 'Rating Options' section.

Dave_Hall

New Member

Keep in mind when rating URLs by IP address is some site may be hosted on "cloud" servers and/or may be classified as such or pulls page elements (e.g. images) from other domains, so you may run into rating issues.

Your best bet if you really want to nix users from browsing by IP address is to perhaps craft a URL using perl or regular expression that triggers on a IP-like addresses - I never tried this myself so do not know how effective it would be.

emnoc

New Member

Yes correct, virtual-hosting could become an issue. You should block by dns or content in the URL string.

Ken Felix

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded