How can I block a website using Content Filter using forbidden domain option?

Description

This article covers how to block websites using Content Filtering Service (CFS) using the default CFS profile. In this article we will allow the CFS category Games and block only the domain games.com. This comes in handy when trying to prevent users from getting to a specific website without wanting to block the whole category.

Resolution for SonicOS 7.X

This release includes significant user interface changes and many new features that are different from the SonicOS 6.5 and earlier firmware. The below resolution is for customers using SonicOS 7.X firmware.

  • Ensure that the Content Filtering service is licensed.
  • Navigate to Policy|Security Services|Content filter
  • Click Enable Content Filtering Service
  • Navigate to Object|Profile Object|Content filter|CFS Default Profile|Advanced and Enable HTTPS Content Filtering on                                 Image
    Image

Create a URI List Object called Forbidden Domains.

  • Navigate to Objects | Match Object|URI List.
  • Click URI List Objects and click Add.
  • Name the object Forbidden Domains and add games.com.
    Image

NOTE: Do not type www. or http:// or https://. You need to type just the domain name. In this example it is games.com.

Modify the CFS profile object to use the Forbidden Domains URI List Object:

  • Navigate to Objects | Profile object|Content filter
  • Edit the CFS profile object in question and select the Forbidden List under Forbidden URI List drop down.
       Image


Confirm the CFS Policy has been implemented.

  • Navigate to Policy | Rules and Policies|Content filter rules to confirm that the CFS policy has been implemented and that it applies to the correct zones.      Image     

    Image

    At this point "games.com" should be blocked for the LAN zone irrespective of the games category being allowed.

Resolution for SonicOS 6.5

This release includes significant user interface changes and many new features that are different from the SonicOS 6.2 and earlier firmware. The below resolution is for customers using SonicOS 6.5 firmware.

 

Configure the required website in the Forbidden Domain List.

  • Ensure that the Premium Content Filtering service is licensed.
  • Click Manage in the top navigation menu.
  • Click Security Services | Content Filter.
  • Click Enable Content Filtering Service and Enable HTTPS Content Filtering.
    Image

Create a URI List Object called Forbidden Domains.

  • Navigate to Objects | Content Filter Objects.
  • Click URI List Objects and click Add.
  • Name the object Forbidden Domains and add games.com.
    Image

    NOTE: Do not type www. or http:// or https://. You need to type just the domain name. In this example it is games.com.

Modify the CFS profile object and use the Forbidden Domains URI List Object:

  • Navigate to Objects | Content Filter Objects.
  • Edit the CFS profile object in question and select the Forbidden List under Forbidden URI List drop down.Image

Confirm the CFS Policy has been implemented.

  • Navigate to Security Services | Content Filter to confirm that the CFS policy has been implemented and that it applies to the correct zones.ImageImage
    At this point "games.com" should be blocked for the LAN zone irrespective of the games category being allowed.

Related Articles

  • Configuring Syslog traffic over MPLS in SonicWall
    Read More
  • Cysurance Partner FAQ
    Read More
  • SonicOS API: TOTP based two-factor authentication for management by Admin user
    Read More

Categories

Firewalls
SonicWall SuperMassive 9000 Series
Content Filtering Service
Firewalls
TZ Series
Content Filtering Service
Firewalls
NSa Series
Content Filtering Service
Firewalls
NSv Series
Content Filtering Service
not finding your answers?
Ask the Community
was this article helpful?
YesNo