Cannot use wildcard(*) when using Web Content Filtering in Systems Manager

newman
Conversationalist

Cannot use wildcard(*) when using Web Content Filtering in Systems Manager

Hello, 

 

I have a website that dynamically adds the word "app" and a random number as it's subdomain and it seems to change daily. I have whitelisted app.studyisland.com and studyisland.com but it will always dynamically change. 

 

Here are some examples of what it may look like on any given day: 

app87.studyisland.com

app34.studyisland.com

app47.studyisland.com

app188.studyisland.com

 

I can go in and add this specific URL to whitelisting, and it works, but is there a wildcard feature I can use for the subdomain? I have attempted to add *.studyisland.com as a whitelist entry but that does not seem to work.

 

Any ideas? Anyone else run into this issue? 

 

Thank you in advance, 

2 REPLIES 2
PaulF
Meraki Employee

Hi,

 

So, I've had a read through Apple's documentation a few times

 

The system matches URLs using string-based root matching. A URL matches an allow list, deny list, or permitted list pattern if the exact characters of the pattern appear as the root of the URL. For example, if the system doesn’t allow test.com/a, it also blocks test.com, test.com/b, and test.com/c/d/e. Matching also discards subdomain prefixes, so if the system doesn’t allow test.com/a, it also blocks m.test.com.

 

So, if this works as expected, you should be able to add just studyisland.com and you should be good

 

Let us know how you get on.

newman
Conversationalist

Hi Paul,

 

Thank you for the very helpful info! I double checked the filter and while I thought that I had just studyisland.com whitelisted, I actually had *.studyisland.com instead and then all off the app(number) urls for studyisland.com. 

 

This config is actually for a client of ours so we won't be able to test it until they book with us again, but thank you again for the helpful tip! 

Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels