Facebook Just Wont Die

ameif56hgt · ‎03-21-2024

I guess the title says it all. I block Facebook in a web profile with *.facebook.com. and its the first item, with action to block. (I block Meta as well.) I have an application profile with the first override to block the facebook application. My DNS server has the DNS for Facebook to be blocked. I've never had a facebook account and never installed a facebook app on my computer, and nobody in my house uses facebook. But, as you can see, sometimes its blocked, other times its not a moment later. What am I missing here??

ameif56hgt · ‎03-22-2024

I should also say, if I do type in Facebook.com in a browser, I do get a Fortigate messages saying the Facebook APPLICATION is blocked, so that is working.

So, I guess I am going to have to live with it.

ameif56hgt · ‎03-22-2024

OK I fixed it, just not the way I should have to. The two IP addresses at Facebook my computer and iPhones were contacting had IP addresses in the 31.13.70.X and 31.13.90.X ranges, so I just added a firewall rule to block those two IP ranges. Works like a charm. I do not know why a Web filter can identify Facebook track, and Facebook applications but neither seems to reliably block it. It clearly shows Facebook application ID 15832, which I BLOCK, but it doesn't.

Genobaseball10 · ‎03-26-2024

Nice find! I'm not sure why it wasn't working for you. When I did a wildcard of *Facebook.com in my homelab, I wasn't able to access any of Facebook or its features on any device. Sorry for the inconveneince!

CCNA | FCP | CWNA