Technical Tip: How to specify which security profiles to bypass for exempted URLs under Static URL Filter

hbac · ‎10-03-2024

Description

This article describes how to choose which security profiles to exempt (bypass) when a URL is configured under Static URL Filter of the Web Filter profile and the action is set to exempt. In this example, 'fortinet.com' is exempted.

In this scenario, traffic to 'fortinet.com' will be allowed to bypass further inspections from all security profiles by default.

Scope

FortiGate.

Solution

It is possible to specify which security profile to bypass in the CLI by using the following commands (not available in the GUI):

config webfilter urlfilter

edit 1
set name "Auto-webfilter-urlfilter_rmpau71ya"
config entries
edit 1
set url "fortinet.com"

set action exempt

set exempt ? <-- Use ? to see available options. Multiple options can be selected separated by space.
av AntiVirus scanning.
web-content Web filter content matching.
activex-java-cookie ActiveX, Java, and cookie filtering.
dlp DLP scanning.
fortiguard FortiGuard web filtering.
range-block Range block feature.
pass Pass single connection from all.
antiphish AntiPhish credential checking.
all Exempt from all security profiles.
next
end
next
end

Technical Tip: How to specify which security profiles to bypass for exempted URLs under Static URL Filter

You are leaving our website