Description
This article describes the scenario where the FortiGuard Web Filtering option "Rate URLs by domain and IP address" is enabled.
In this situation, the rating response from an FortiGuard Distribution Server (FDS) for a particular URL might differ from its IP address. This is very common in scenarios of Virtual Hosting, where one IP address of one physical server will host multiple services and URLs.
Therefore, if the IP address rating belongs to a blocked category, the access to the URL will be blocked regardless of the rating of the URL.
Summary
How to check if an URL gets two different ratings, one for the IP address, and one for URL
diagnose test application urlfilter 3
Saving to file [/tmp/urcCache.txt]
Cache Contents:
-=-=-=-=-=-=-=-
Cache Mode: TTL
Cache DB Ver: 93.4437
Domain |IP DB Ver T URL
29000000|34000000 93.4437 E http://www.mytestrating.fr/
34000000|34000000 13.28635 E http://www.fortinet.com/
How to make a live verification of rating response:
>nslookup careers.floridadental.org 8.8.8.8
Server: dns.google
Address: 8.8.8.8
Non-authoritative answer:
Name: cname.boxwoodtech.com
Address: 144.202.255.70
Aliases: careers.floridadental.org
Check the category on the FortiGate:
diag webfilter fortiguard cache dump
Caution: This command is for diagnostic purposes ONLY. The bigger the cache size is set, the more impact on performance the command has.
Do you want to continue? (y/n)y
Saving to file [/tmp/urcCache.txt]
Cache Contents:
-=-=-=-=-=-=-=-
Cache Mode: TTL
Cache DB Ver: 233.50234
Rating DB Ver DOT SLASH ORIG_FLAG T URL
22000000|22000000 233.50234 0 0 00000001 P Ahttp://144.202.255.70/
21000000|21000000 233.50234 1 0 00000001 P Ahttp://careers.floridadental.org/
........
22 Hex is 34 in Decimal
21 Hex is 33 in Decimal
get webfilter categories | grep 34
34 Job Search
get webfilter categories | grep 33
33 Health and Wellness
Solution:
If the rating for an IP address blocks access to a site, the solution is to disable “Rate URLs by domain and IP address”. Alternatively, the IP address can be overridden to a different category that is allowed.
Related articles
Rate site by URL and IP address
Verify the webfilter cache content
FortiGuard Web Filtering Override Guide ; configuration examples
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2025 Fortinet, Inc. All Rights Reserved.