FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
ametkola
Staff
Staff
Article Id 371581
Description This article describes an issue related to websites classified and being blocked by proxy as 'Malicious Website'.
Scope FortiGate, FortiProxy.
Solution

The following scenario describes an issue related to websites classified and being blocked by proxy as 'Malicious Website'.

When checking the website in the FortiGuard database: Web Filter Lookup the rating is correct.
The website used for testing in this scenario: https://sporttempel-kiel.de/.

 

explicit.png

 

id=7447901233223827892 euid=1 epid=1 dsteuid=1 dstepid=1 logflag=1 logid=0000000013 type=traffic subtype=forward level=notice eventtime=1734099638854037070
action=deny srcip=10.x.x.x srcport=54653 dstip=202.61.233.6 dstport=443 service=HTTPS proto=6 policyid=5 user=test msg="Traffic denied because of explicit proxy policy" <----
srcintf=internetproxy srcintfrole=lan dstintf=internetproxy dstintfrole=lan sessionid=284824322 crscore=30 crlevel=high craction=131072 trandisp=noop duration=0 policytype=policy sentbyte=0 rcvdbyte=0 sentpkt=0
rcvdpkt=0 app=HTTPS appcat=unscanned dstcountry=Germany srccountry=Reserved srcuuid=05b79f88-aecd-51ed-c9f8-e702f4566bbb dstuuid=81a3bda0-0aaf-51ee-5a16-44ade4b345e0 poluuid=1fad2ad8-0c25-51ee-4edc-8bb215c83fe5
agent=Chrome/131.0.0.0 policyname=Blacklist url=https://sporttempel-kiel.de/ tz=+0100 devid=FPX4KET322000032 vd=root dtime="2024-12-13 15:20:37" itime_t=1734099638 devname=PRX_FPX4KE

 

The following attribute can be verified under the web filter profile settings.

 

config webfilter profile
    edit < name >
        config ftgd-wf
            set options error-allow rate-server-ip ?

            connect-request- bypass Bypass connection which has CONNECT request.
            ftgd-disable Disable FortiGuard scanning.

        end

end

 

It is recommended that this option should be disabled, as it can be seen from the GUI view in the web filter profile.

 

output.png

 

Related document:

Rating options