Dear All,
We have a fortigate firewall and its fortiguard subscription expired. Now, we are using Static Web-filtering for blocking the specific URL, It includes only one URL, But the static URL-Blocking is not working.
The scenario is that customer wants to Block the URL's subdomain, from internet to the internal web-servers , not the whole URL like he wants to allow facebook.com, But needs to block facebook.com/chat/discussion (Something like that).
Now, the issue is that that specific static url is still accessible through internet.
As you noticed Fortiguard subscription is not needed for static URL filtering. Now , this sentence is a bit confusing:
daniyal@77 wrote:As if you are trying to use URL filtering for INCOMING from the Internet to internal web servers connections? If so, it is not the intended use of URL filtering.from internet to the internal web-servers
Hi Yursik,
Yes you are right we are trying to block access from Internet to the URL hosted on the internal web-servers. as you mentioned we can't do it through URL-filtering, so how can i implement that. please find below details:
we need to block this path: https://www.xyz.com.sa/payments/
without disrupting traffic on this one: www.xyz.com
You need a FortiWeb device for that
https://www.fortinet.com/products/web-application-firewall/fortiweb.html
I didn't say it would NOT work, just that it is not intended use so surprises are possible. But if you want to try, the URL filter should look like that (see pic attached), in a lab setup it works, but be aware if trying on a production system if it blocks ALL access to the website.
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1735 | |
1107 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.