I have been playing in the devnet sandbox in anticipation of getting our new firewalls next week. One of the things I would like to do is block access to a website using the following pattern www.website.com/login so that only certain users can access that particular page. When I try entering this in any of the different types of rules I get an invalid destination address. Does anyone know if I can do this?
Cut off the protocol and leading "www" from the URL, and check if that is on either list: foo.bar.com/qux/baz/lol?abc=123&true=false
Cut off any "GET parameters" (everything following a question mark) and check that: foo.bar.com/qux/baz/lol
Cut off paths one by one, and check each: foo.bar.com/qux/baz, then foo.bar.com/qux, then foo.bar.com
Cut off subdomains one by one and check those: bar.com, and then com
Finally, check for the special catch-all wildcard, *, in either list.
If any of the above produces a match, then the request will be allowed through if it is in the whitelist and blocked otherwise. (That is, the whitelist takes precedence over the blacklist.)
If there is no match, the request is allowed, subject to the category filtering settings above.
HTTPS requests can also be blocked. Because the URL in an HTTPS request is encrypted, only the domain checks will be performed (www.foo.bar.com, foo.bar.com, bar.com, com, and the special catch-all *).
One option that may work would be to use a Group Policy (network wide > configure > group policies) for the special users that should be able to access the site. Put website.com/login in the whitelisted URL section for that group policy, but also include website.com/login in the blocked URLs under the regular content filtering page. The whitelisted pattern in their group policy should take precedence over the blocked pattern.
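The matching order quoted in the first reply and the group-policy suggestion in the last one, as an added Python sketch (not the vendor's code and not written by either poster). It assumes the first candidate found on either list decides the request, with the whitelist winning when a pattern is on both; `candidates`, `decide` and the sample lists are hypothetical names.

```python
from urllib.parse import urlsplit

def candidates(url):
    """Yield the patterns to look up, most specific first, in the quoted order."""
    parts = urlsplit(url)
    host = parts.hostname or ""
    labels = host.split(".")
    if parts.scheme != "https":
        # Plain HTTP: the full URL is visible, so path patterns can be checked.
        if host.startswith("www."):
            host, labels = host[4:], labels[1:]
        path = parts.path.rstrip("/")
        if parts.query:
            yield f"{host}{path}?{parts.query}"
        segments = [s for s in path.split("/") if s]
        for n in range(len(segments), 0, -1):
            yield host + "/" + "/".join(segments[:n])
    # Domain checks (for HTTPS these are the only checks, "www" included).
    for i in range(len(labels)):
        yield ".".join(labels[i:])
    yield "*"

def decide(url, whitelist, blacklist):
    """Return (verdict, matched_pattern); the whitelist takes precedence."""
    for pattern in candidates(url):
        if pattern in whitelist:
            return "allow", pattern
        if pattern in blacklist:
            return "block", pattern
    return "allow", None  # no match: left to category filtering

# Constructed sample lists for the scenario in this thread.
BLOCKED = {"website.com/login"}          # regular content filtering page
GROUP_WHITELIST = {"website.com/login"}  # group policy for the special users

if __name__ == "__main__":
    for url, wl in [
        ("http://www.website.com/login", set()),            # ordinary user
        ("http://www.website.com/login", GROUP_WHITELIST),  # special user
        ("http://www.website.com/about", set()),            # other page
        ("https://www.website.com/login", set()),           # HTTPS request
    ]:
        print(url, "whitelisted" if wl else "default", decide(url, wl, BLOCKED))
```

The last case returns an allow with no match: with only website.com/login on the blocked list, an HTTPS request is checked against domain patterns alone, so the path rule never applies to it.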