FortiGate
rain
Staff
Article Id 366129
Description

This article describes how to allow a web page when a Static URL Filter entry does not allow the page to open: even after adding the entry with the Simple, Wildcard or Regular Expression type, the page does not load and open.

Scope

FortiGate.

Solution

There are scenarios where adding a 'static URL filter' entry for a web page that is blocked by the 'FortiGuard Category Based Filter' does not allow the page to open or load properly, as in the following example (the web page "covers.com" is used as the example for this test):

 

KB01.png

 

As shown, the page is blocked because it matches a FortiGuard category (Gambling). A static URL filter entry of type Simple, Regular Expression or Wildcard does not override the FortiGuard category.

 

KB02.png

 

This is because (almost) all public web pages use more than one specific URL or domain to resolve and show the complete page. That is why a common 'static URL filter' configuration does not help to allow the page.

It is difficult to know which specific URLs, or all of the URLs, are needed to open the public web page properly.

 

To allow the page, use a 'Web Rating Overrides' profile and configuration. Follow the next steps to create them:

 

  1. Create a 'Custom Category'. This category works like the categories that FortiGuard provides and that the FortiGate queries, but it lives locally on the FortiGate. To create the category, go to 'Security Profiles > Web Rating Overrides > Custom Categories'.

 

KB03.png

 

  2. Once on the Custom Categories page, select 'Create new', set the name (e.g. 'Allow_Covers'), select 'enable' and save the profile.

 

KB04.png

 

KB05.png

 

  3. Now that the category is created, go back to 'Web Rating Overrides' and select 'Create new'. On this new page, set the 'URL' and use 'lookup rating' to see which FortiGuard category the URL is hitting (e.g. URL: 'www.covers.com' / Category: 'Adult/Mature Content' / Sub-Category: 'Gambling'). In the 'Override to' section, choose 'Custom_Category' and, in the 'Sub-Category' option, set the new category created in step 2 (e.g. 'Allow_Covers'):

 

KB06.png

 

  4. This new category is used in the Web Filter profile that is in use in the policy, and it is matched before the other categories. For it to work, go to the Web Filter profile in use and, under 'FortiGuard Category Based Filter', look in the 'Local Categories' section for the new category created in step 2 (e.g. 'Allow_Covers'), set the action to 'Allow' and select 'OK' to save the configuration.

 

KB07.png

 

  5. The page is now allowed and shown:

 

KB08.png

 

Note: 

As shown in the last image, the page is not displayed properly: some images and sections of the page are missing because they continue to be blocked. This is because of the behavior described earlier: some pages need and use more than one static URL.

To properly allow the full page, track the logs of the Web Filter under Log & Report -> Security Events -> Web Filter. Find the missing URLs and allow them in the Web Rating Override profile created for this page (e.g. 'Allow_Covers').

 

  • Track the missing URLs in the logs:

 

KB09.png

 

  • Allow the missing URLs (following step 3):

 

KB10.png

 

With this full configuration, using the Web Rating Overrides custom profile (Local Categories), the page now loads properly, and the FortiGuard Category Based Filter continues to block other 'Gamble' URLs while allowing only 'www.covers.com'.
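The log-tracking step in the note can be scripted once the Web Filter log is exported as text. The following is an added example, not part of the original article or any Fortinet tooling: it assumes key=value log lines with the fields `subtype`, `action`, `hostname`, `referralurl` and `catdesc`; the function names are hypothetical and the sample lines and `.example` hostnames are constructed.

```python
import re
from collections import Counter
from urllib.parse import urlsplit

# Constructed sample lines in key=value log style (not taken from the article).
SAMPLE_LOG = '''\
date=2024-01-10 time=10:01:02 type="utm" subtype="webfilter" action="blocked" hostname="img.covers-static.example" url="/logo.png" referralurl="https://www.covers.com/" catdesc="Gambling"
date=2024-01-10 time=10:01:03 type="utm" subtype="webfilter" action="blocked" hostname="img.covers-static.example" url="/odds.js" referralurl="https://www.covers.com/nfl" catdesc="Gambling"
date=2024-01-10 time=10:01:03 type="utm" subtype="webfilter" action="blocked" hostname="ads.tracker.example" url="/pixel.gif" referralurl="https://www.covers.com/" catdesc="Advertising"
date=2024-01-10 time=10:02:11 type="utm" subtype="webfilter" action="blocked" hostname="other-bets.example" url="/" catdesc="Gambling"
date=2024-01-10 time=10:02:30 type="utm" subtype="webfilter" action="passthrough" hostname="www.covers.com" url="/" catdesc="Allow_Covers"
'''

# key=value pairs; values are either double-quoted or a bare token.
PAIR = re.compile(r'(\w+)=(?:"([^"]*)"|(\S+))')

def parse_line(line):
    """Turn one key=value log line into a dict."""
    return {key: quoted or bare for key, quoted, bare in PAIR.findall(line)}

def missing_hosts(log_text, page_host):
    """Count blocked hostnames that were requested by pages on page_host.

    Returns a Counter keyed by (hostname, category) so each candidate can be
    reviewed before it is added to the override, instead of allowing every
    blocked host that shows up in the log.
    """
    hits = Counter()
    for line in log_text.splitlines():
        fields = parse_line(line)
        if fields.get("subtype") != "webfilter" or fields.get("action") != "blocked":
            continue
        host = fields.get("hostname")
        referrer = urlsplit(fields.get("referralurl", "")).hostname
        # Keep only sub-resources loaded by the page, not unrelated blocks.
        if host and host != page_host and referrer == page_host:
            hits[(host, fields.get("catdesc", "unknown"))] += 1
    return hits

if __name__ == "__main__":
    for (host, category), count in missing_hosts(SAMPLE_LOG, "www.covers.com").most_common():
        print(f"{count:3d}  {host:30s} {category}")
```

Listing the category next to each hostname makes it easy to add only the hosts the page needs to 'Allow_Covers' and to leave unrelated blocked content, such as the advertising host in the sample, blocked.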
