Help
FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
dbhavsar
Staff
Staff

Created on ‎10-14-2024 06:14 AM Edited on ‎05-07-2025 06:27 AM By Community Manager

Article Id 348963

Technical Tip: Blocking access to websites URL directories and allowing the root website using static URL filter

Description This article describes how to access the root domain site while blocking its sub domains.
Scope FortiGate.
Solution

For example, the configuration below shows how to allow www.oracle.com while blocking www.oracle.com/java/technologies/downloads/

 

The website 'www.oracle.com' belongs to the General Interest, Information Technology category, which is allowed in the following screenshot.


The web-filter is configured as follows:


web-filter.pngThe firewall policy is configured as follows:


policy.png
As shown in the screenshot, www.oracle.com is accessible and www.oracle.com/java/technologies/downloads/ throws a blocked page.


website.png

 

For more information on how breakdown component in URL is done refer to this article and actions can be configured accordingly. 

 
Note:

Deep Packet Inspection must be used in the policy or else the web-filter will not be able to block the exact destination URL.
735
0 Kudos
Suggest New Article
Article Feedback
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.