Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
Not applicable

Created on ‎10-16-2009 08:36 AM

how to block facebook?

hi, I have in url filter www.facebook.com block and the url filter is enabled on protection profile, and yet so well is connected to facebook buscar
6888
0 Kudos
1 Solution
Victor
New Contributor III

Created on ‎11-06-2009 06:32 AM

Here is a different solution. We had a similar problem at the school board with youtube. Some of the responses ended up getting google dns names. (Go figure!) I simply created a dns rule and applied it to everything. If you made a dns request for youtube & that included our dns servers, the packet was dropped. I set it up as a timed policy so that it operated during school hours only. My clients are happy with that. If you wished to refine it & allow certain people access, you would have to isolate them on a specific network or in a certain address range and allow them access to a tertiary internal dns server that is not restricted by the dns policy. You would also have to create a policy restricting who could make requests to that dns server. Make sure you fully inform your clients of the full implications of the policy you implement, but I can tell you I have no irate calls from teachers saying that " little Johnny accessed Youtube. I thought you said it was blocked!" Victor

View solution in original post

5729
0 Kudos
11 REPLIES 11
red_adair
New Contributor III

Created on ‎10-17-2009 01:05 PM

As Facebook uses many servers and many prefix domains blah.facebook.<countryid> Best solution is to use " Application Control" in FOS 4.1 and enable a generic Facebook block. App Ctrl blocks the Application " Facebook" . Or even more granular like Facebook.chat etc. You may consult the online ressources as well http://www.fortiguard.com/applicationcontrol/ListOfApplications.html http://www.fortiguard.com/applicationcontrol/serviceUpdateHistory.html -R.
4767
0 Kudos
Not applicable

Created on ‎10-19-2009 01:15 PM

I own you in forti 3.0 I tried to download the 4.1 and I could not do it .. I have my login and password to the Fortinet support but there does not give me a link for downloading 4.1 as I Forti .. so I think I have all the functionality that you tell me
4767
0 Kudos
Not applicable

Created on ‎10-19-2009 01:31 PM

you can also use Regular Expression in url filter with word " facebook" its working perfect to me in 3.0MR7p2
4767
0 Kudos
Not applicable

Created on ‎10-19-2009 01:40 PM

apology just as serious in the url filter because I have www.facebook.com block
4767
0 Kudos
rwpatterson
Valued Contributor III
In response to

Created on ‎10-20-2009 07:42 AM

Depending on your hardware unit (you did not specify), version 4 may not be available. Also, blocking just ' facebook' doesn' t work. They also use Akamai servers, and those resolve to different names, so it still gets through. I had to block the entire ' Social Networking/Personal' category in Fortiguard to do that. A bit drastic, but it did the trick for us here. Our users have no reason to go there. We' re a hospital...

Bob - self proclaimed posting junkie!
See my Fortigate related scripts at: http://fortigate.camerabob.com

Bob - self proclaimed posting junkie!See my Fortigate related scripts at: http://fortigate.camerabob.com
4767
0 Kudos
discoveryit
New Contributor

Created on ‎10-20-2009 12:49 PM

just use fortiguard content filter and block all social networking sites... go to Fortiguard Web Filtering - General Interest - Personal Relationships and block all... That blocks Myspace, twitter facebook and everyother stuiped site.... also go to Potentially Liable - Proxy Avoidance and block it while your at it... No more social junk sites.. More production!
FCNSP
FCNSP
4767
0 Kudos
rwpatterson
Valued Contributor III
In response to discoveryit

Created on ‎10-20-2009 12:54 PM

Great, except when the CIO asks why he can' t get to Facebook.... Bleah....

Bob - self proclaimed posting junkie!
See my Fortigate related scripts at: http://fortigate.camerabob.com

Bob - self proclaimed posting junkie!See my Fortigate related scripts at: http://fortigate.camerabob.com
4767
0 Kudos
discoveryit
New Contributor

Created on ‎10-27-2009 07:50 AM

thats when you use the FSAE client and make all users authenticate to the fortigate and setup specific policy' s for user groups.
FCNSP
FCNSP
4767
0 Kudos
Not applicable

Created on ‎10-29-2009 10:12 PM

currently when i have include the filter to block yet it still can acess thorugh this website : https://www.facebook.com and there are cetain websites which i' m using https so i can block my https or else my other websites also will be block how do i overcome this.....? my setup is currently : auto dchp and all is block from acessing any internet except the websites which i allow in the URL FILTER under WEB FILTER and websites my staff wanna acess i will register in the URL FILTER and allow it , example : www.yellowpages.com.my ----> TYPE(SIMPLE) ------> ACTION(ALLOW) then they can u the website
4767
0 Kudos
Announcements
Check out our Community Chatter Blog! Click here to get involved
Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.