FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
This article describes the URL paths that WhatsApp uses for different media types and how granular controlling can be applied using the URLs.
Scope
FortiGate.
Solution
This solution applies to PC/laptops using the WhatsApp application and also the browser version of the app as both operate the same way.
WhatsApp connects to the following CDN endpoint (Wildcard should be used):
*.cdn.whatsapp.net
The above wildcard defines the Host part of the URL and the host section defines how CDN can be reached. The path (added after the host part of a URL) defines the kind/type of media that is being accessed.
For example, for image file sharing the path would be '/mms/image/. Any user trying to send or access an image to another user/group, will rely on the following URL:
*.cdn.whatsapp.net/mms/image/*
Similarly, for other media types following are the URL paths:
Video: *.cdn.whatsapp.net/mms/video/
Audio : *.cdn.whatsapp.net/mms/ptt/
Image: *.cdn.whatsapp.net/mms/image/
Document: *.cdn.whatsapp.net/mms/document/
Sticker: *.cdn.whatsapp.net/mms/sticker/
On FortiGate static URL filter entries can be used for the above URLs to allow/block specific media types over WhatsApp.
