david_pereira
Article Id 257418
Description
This article describes the procedure for creating a web filter that blocks searches for specific words on Google.
Scope
FortiOS.
Solution
  1. Access the FortiGate and then go to Security Profiles -> Web Filter.
  2. Select 'Create New'.

 


  3. Edit the Web Filter, scroll down the page, and go to 'Static URL Filter'.
  4. Enable the option 'URL Filter' and then select 'Create New':

In this example, all Google searches containing the word 'game' are blocked. Enter the URL using the pattern shown in the CLI reference below; the same pattern can be used to block a search for any word:

 


CLI Reference:

 
config webfilter urlfilter
    edit 2
        set name "Auto-webfilter-urlfilter_yd0pnzusw"
        config entries
            edit 1
                set url "*www.google.com/search*game*"
                set type wildcard
                set action block
            next
        end
    next
end
 
config webfilter profile
    edit "Test filter"
        config web
            set urlfilter-table 2
        end
    next
end

 

  5. Go to 'Policy & Objects -> Firewall Policy' and create or edit the firewall policy that allows traffic from the LAN to the Internet.

 


 

  6. In the firewall policy, scroll down to 'Security Profiles', enable 'Web Filter', select the newly created profile, and set the inspection mode to 'Proxy Mode'.

 


 

CLI Reference:

 

config firewall policy
    edit 20
        set name "Internet"
        set uuid 34845dd8-cd02-51ef-ec95-c1674de5d764
        set srcintf "port1"
        set dstintf "port3"
        set action accept
        set srcaddr "all"
        set dstaddr "all"
        set schedule "always"
        set service "ALL"
        set inspection-mode proxy
        set utm-status enable
        set ssl-ssh-profile "deep-inspection"
        set webfilter-profile "Test filter"
        set nat enable
    next
end

 
  7. Make sure the deep-inspection profile is selected under 'SSL Inspection' and import the certificate onto the user's device. This is essential for this feature to work. To do this, follow the steps in this article: Technical Tip: How to enable deep inspection and i... - Fortinet Community

  8. To ensure the FortiGate is able to inspect all of the traffic coming from the user, QUIC should be blocked.
    The best way to block it for all users is to create a new policy by following the steps in this article (Method 3): Technical Tip: How to block/disable QUIC - Fortinet Community. Alternatively, this can be done for an individual user by following these steps:
  • In the URL bar, type:  chrome://flags
  • In the search bar, type 'QUIC'.
  • Select the first option and hit Disable.
  • Select 'Relaunch' to apply the settings.


 

  9. Searches for the blocked word from machines using the policy above are denied.

 


 

Any word can be blocked on any search engine by following the template above and completing all of the steps.
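
To check what the wildcard entry from the CLI reference will and will not match before rolling the profile out, the following added example (not part of the original article and not Fortinet code) approximates the match in Python. It assumes '*' matches any run of characters, that matching ignores case, and that the URL is compared as host, path and query without the scheme; the sample URLs are constructed.

```python
import re

# URL filter entry copied from the article's CLI reference.
PATTERN = "*www.google.com/search*game*"

def wildcard_to_regex(pattern):
    """Compile a pattern in which '*' matches any run of characters and every
    other character is literal. Assumption: this approximates how a FortiOS
    'wildcard' entry is compared against host+path+query, ignoring case."""
    literal_parts = [re.escape(part) for part in pattern.split("*")]
    return re.compile(".*".join(literal_parts), re.IGNORECASE | re.DOTALL)

def is_blocked(url, pattern=PATTERN):
    """True if the whole URL (no scheme) matches the wildcard pattern."""
    return wildcard_to_regex(pattern).fullmatch(url) is not None

# Constructed sample URLs an administrator might replay from a test client
# to see how broadly the entry matches.
SAMPLES = [
    ("www.google.com/search?q=game", "the intended hit"),
    ("www.google.com/search?q=board+games", "plural, still contains 'game'"),
    ("www.google.com/search?q=endgame+chess", "'game' inside another word"),
    ("www.google.com/search?q=weather&client=gamebar", "'game' outside the query term"),
    ("www.google.com/search?q=chess", "unrelated search"),
    ("www.google.com/maps/search/game", "not the /search path"),
    ("www.bing.com/search?q=game", "other engine, needs its own entry"),
]

def audit(samples=SAMPLES, pattern=PATTERN):
    """Return (url, blocked, note) for each sample."""
    return [(url, is_blocked(url, pattern), note) for url, note in samples]

if __name__ == "__main__":
    for url, blocked, note in audit():
        print(f"{'BLOCK' if blocked else 'allow':5}  {url}  ({note})")
```

Because the matching rule here is an assumption, confirm the verdicts against the web filter logs on the FortiGate.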