Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
Silver
New Contributor

Created on ‎09-08-2015 08:59 AM

Regular express

Dear All,

I would like to allow website facebook.com, But i only need to block the profile link using regular expression.

Like the link www.facebook.com/profile.php?id=100010106623165. so anyone who's click or search someone using name or email address but while click on the user profile this should be block. Only the ID will be different for everyone.

 

Anyone can help how to do it using regular expression.

 

Thanks

7526
0 Kudos
2 REPLIES 2
emnoc
Esteemed Contributor III

Created on ‎09-09-2015 12:39 AM

I guess the 1st question do you  have SSL de-encryption enable on the fw-policies that are  allowing traffic to facebook. To write a URL filter would be the easy part but if the client attaches to facebook using https  this would create more additional concerns.

 

Just keep in mind, you have another option of looking at a IPS filter on http content for the string " www.facebook.com/profile.php?id=" and just blocking that access for anything matching that  url but like above ssl traffic and encryption needs to be removed to match the string

PCNSE 

NSE 

StrongSwan  

PCNSE NSE StrongSwan
1155
0 Kudos
Chris_Lin_FTNT
Staff
Staff

Created on ‎09-14-2015 02:56 PM

Try this:

www.facebook.com/profile\.php\?id=\d+

1155
0 Kudos
Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.