How to allow or block URI and sub-domains using Content Filtering
05/30/2022 1,393 People found this article helpful 518,841 Views
Description
The Allowed Domains and Forbidden Domains feature has been enhanced and is called Allowed URI and Forbidden URI. Where Allowed and Forbidden Domains feature blocked or allowed connections to websites based on their domain names, the new feature blocks entire URIs. With this enhancement, specific resources within a website can be blocked or allowed.
NOTE: While performing tests to confirm the Allow/Forbidden URI, it is recommended to log out of the firewall or have another device to test with.
The following examples illustrate the difference in both features:
- The Maximum number of characters allowed in a URI is 255.
- CFS does a partial match of entries with the URI accessed.
EXAMPLE:The entry google.com will match www.google.com; www.nybooks.com/issues/ will match www.nybooks.com/issues//2014/dec/18/, but www.nybooks.com/issues/ will not match www.nybooks.com.
- With HTTPS Content Filtering option checked, websites accessed over HTTPS will be blocked (as in earlier versions) based on Client Hello and Certificate messages. Therefore, the URI will not be blocked or allowed
- To block URI of a website accessed over HTTPS requires DPI-SSL client Inspection
Here are some more examples
Resolution
Resolution for SonicOS 7.X
This release includes significant user interface changes and many new features that are different from the SonicOS 6.5 and earlier firmware. The below resolution is for customers using SonicOS 7.X firmware.
- Navigate to OBJECTS | URI LIST
- Click ADD option to add DOMAIN, KEYWORD, OR URI to block or allow any website
- Navigate to OBJECTS | PROFILE OBJECTS | CONTENT FILTER
- Configure the Profile and in URI LIST CONFIGURATION, select the URI list that was created earlier and add it to the Allowed URI LIST or FORBIDDEN URI LIST
Resolution for SonicOS 6.5
This release includes significant user interface changes and many new features that are different from the SonicOS 6.2 and earlier firmware. The below resolution is for customers using SonicOS 6.5 firmware.
- The Allowed/Forbidden URI objects can be found under Manage | Objects | Content Filter Objects | URI List Objects:
Related Articles
Categories
Was This Article Helpful?
YESNO