Description
This article describes how to exempt or block the access to a website which has subdomains/embedded links encoded.
Solution
Some sites use multiple sub-domains/embedded links, which might fall under the unrated FortiGuard category, or one of the sub-domains might fall under a blocked category of web filtering, making it necessary to exempt all sub-domains and embedded URLs as well in order to access the site.
Check Web Filter Security event logs to find the blocked sub-domain or embedded URL so it can be whitelisted.
To obtain the embedded URL’s of the site, follow the steps below.
Open the browser. In this example, Google Chrome is used.
- Select the page and select Inspect or press Ctrl+Shift+I.
- On the right side, select the double arrow icon (>>), then select the security.
Note:
The main URL is shown in the origin and the resolved sub-domain/embedded URLs are listed in the 'Secure origins', while non-resolved domains/embedded links are listed in the 'Canceled' section.
- If the page is reloading and not showing the information or popping with the error message, check the 'Canceled' URLs and add them in the URL filter list to allow the site properly.
To Configure/add a URL into the filter list:
From the GUI:
- Go to Security Profiles -> Web Filter.
- Select a web filter to edit.
- Under the Static URL Filter, enable URL Filter, and select Create New.
- Enter the URL, without the 'http'. For example: *.msftauth.net
- Select a Type: Simple , Regular Expression, or Wildcard. In this example, select Wildcard.
- Select the Action to take against matching URLs: Exempt.
- Select 'Enable'.
- Select 'OK'.
Related articles:
