Hello all.
I looking for a solution to block specific pages with a WEB filter.
For example, I want to block the page "contact" or "contact.aspx"
https://www.fortinet.com/ should work, but page https://www.fortinet.com/support/contact
Any idea, how to do this?
BR
Aleksei
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Webfilter on its own can only block by cathegory rating.
What you want to do can be achieved using the url filter.
--
"It is a mistake to think you can solve any major problems just with potatoes." - Douglas Adams
You are absolutely right!
My mistake, didn't explain well.
I have tried to do this in URL filter and contend filter but without success.
But now, I see that it works but only if I enable SSL - deep-inspection.
But "deep-inspection" gives me problems too.
Hi AlekseiN,
As you are exempting certain URL from being allowed, deep inspection will be required. Could you confirm what is the issue you have with deep inspection.
Please make sure to install the deep inspection certificate in the client trusted root store.
Regards,
Vimala
Hello.
Thank you for your answer.
The problem with deep inspection is that I want to enable it on a public network (with wifi, wifi device not fortinet), so I can't install the certificate on the clients.
When using a webfilter with certificate inspection, FortiGate applies an action depending on the category of the website a user is trying to access.
If the site you're trying to reach is categorized as blocked, FortiGate will try to display a blocked page.
In your situation, FortiGate will try to show you a blocked page but you get an untrusted certificate > It's FortiGate trying to get you to show the blocked page instead of your website.
The problem is that everything is HTTPS, and HTTPS can't be broken without a deep inspection profile. So you get the result you described, but normally you don't have the option to skip the warning (the proceed button at the bottom shouldn't appear).
For the version, I recommend v7.0.11 for prod and v7.2.4 for lab.
Hello Aleksei,
You can typically block specific pages using a web filter by configuring URL filtering rules. In this case, you can create a rule that targets URLs containing "/contact" or "/contact.aspx" and set it to be blocked. The exact steps to do this may vary depending on the Latest specific web filter or firewall solution you're using. It's best to consult the documentation or support resources for your web filter system to get detailed instructions on how to set up such rules.
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1662 | |
1077 | |
752 | |
446 | |
220 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.