How can I block a website using Content Filter using forbidden domain option?

09/29/2023 1,412 People found this article helpful 515,100 Views

Description

This article covers how to block websites using Content Filtering Service (CFS) using the default CFS profile. In this article we will allow the CFS category Games and block only the domain games.com. This comes in handy when trying to prevent users from getting to a specific website without wanting to block the whole category.

Resolution

Resolution for SonicOS 7.X

This release includes significant user interface changes and many new features that are different from the SonicOS 6.5 and earlier firmware. The below resolution is for customers using SonicOS 7.X firmware.

Ensure that the Content Filtering service is licensed.
Navigate to Policy|Security Services|Content filter
Click Enable Content Filtering Service
Navigate to Object|Profile Object|Content filter|CFS Default Profile|Advanced and Enable HTTPS Content Filtering on

Create a URI List Object called Forbidden Domains.

Navigate to Objects | Match Object|URI List.
Click URI List Objects and click Add.
Name the object Forbidden Domains and add games.com.

NOTE: Do not type www. or http:// or https://. You need to type just the domain name. In this example it is games.com.

Modify the CFS profile object to use the Forbidden Domains URI List Object:

Navigate to Objects | Profile object|Content filter
Edit the CFS profile object in question and select the Forbidden List under Forbidden URI List drop down.

Confirm the CFS Policy has been implemented.

Navigate to Policy | Rules and Policies|Content filter rules to confirm that the CFS policy has been implemented and that it applies to the correct zones.

At this point "games.com" should be blocked for the LAN zone irrespective of the games category being allowed.

Resolution for SonicOS 6.5

This release includes significant user interface changes and many new features that are different from the SonicOS 6.2 and earlier firmware. The below resolution is for customers using SonicOS 6.5 firmware.

Configure the required website in the Forbidden Domain List.

Ensure that the Premium Content Filtering service is licensed.
Click Manage in the top navigation menu.
Click Security Services | Content Filter.
Click Enable Content Filtering Service and Enable HTTPS Content Filtering.

Create a URI List Object called Forbidden Domains.

Navigate to Objects | Content Filter Objects.
Click URI List Objects and click Add.
Name the object Forbidden Domains and add games.com.

NOTE: Do not type www. or http:// or https://. You need to type just the domain name. In this example it is games.com.

Modify the CFS profile object and use the Forbidden Domains URI List Object:

Navigate to Objects | Content Filter Objects.
Edit the CFS profile object in question and select the Forbidden List under Forbidden URI List drop down.

Confirm the CFS Policy has been implemented.

Navigate to Security Services | Content Filter to confirm that the CFS policy has been implemented and that it applies to the correct zones.
At this point "games.com" should be blocked for the LAN zone irrespective of the games category being allowed.