I have been playing in the devnet sandbox in anticipation of getting our new firewalls next week. One of the things I would like to do is block access to a website using the following pattern www.website.com/login so that only certain users can access that particular page. When I try entering this in any of the different types of rules I get an invalid destination address. Does anyone know if I can do this?
Solved! Go to Solution.
Where have you been entering in the address to put the block in place?
You should be able to use blacklists and whitelists on the Security Appliance > Content Filtering page.
You can also override or append these using group policies assigned to individual clients. See Network-wide > Group policies.
Whenever a client fetches a web page on the network, the requested URL is checked against the lists configured to determine if the request will be allowed or blocked.
Pattern matching follows these steps:
If any of the above produces a match, then the request will be allowed through if it is in the whitelist and blocked otherwise. (That is, the whitelist takes precedence over the blacklist.)
If there is no match, the request is allowed, subject to the category filtering settings above.
HTTPS requests can also be blocked. Because the URL in an HTTPS request is encrypted, only the domain checks will be performed (www.foo.bar.com, foo.bar.com, bar.com, com, and the special catch-all *).
Thanks but not what I am looking for. I want to be able to only allow certain people to access www.website.com/login A blacklist blocks everyone.
@PhilipDAth Really there is no way is adding in a prefix or suffix wildcard?? I only ask because I haven't played around with our MX units much because our SonicWall takes care of most things.
One option that may work is would be to use a Group Policy (network wide > configure > group policies) for the special users that should be able to access the site. Put website.com/login in the whitelisted URL section for that group policy, but also include website.com/login in the blocked URLs under the regular content filtering page. The whitelisted pattern in their group policy should take precedence over the blocked pattern.