Hi @Gordon, Where have you been entering in the address to put the block in place? You should be able to use blacklists and whitelists on the Security Appliance > Content Filtering page. You can also override or append these using group policies assigned to individual clients. See Network-wide > Group policies. Whenever a client fetches a web page on the network, the requested URL is checked against the lists configured to determine if the request will be allowed or blocked. Pattern matching follows these steps: Check if the full requested URL is on either list. e.g., http://www.foo.bar.com/qux/baz/lol?abc=123&true=false Cut off the protocol and leading "www" from the URL, and check if that is on either list: foo.bar.com/qux/baz/lol?abc=123&true=false Cut off any "GET parameters" (everything following a question mark) and check that: foo.bar.com/qux/baz/lol Cut off paths one by one, and check each: foo.bar.com/qux/baz, then foo.bar.com/qux, then foo.bar.com Cut off subdomains one by one and check those: bar.com, and then com Finally, check for the special catch-all wildcard, *, in either list. If any of the above produces a match, then the request will be allowed through if it is in the whitelist and blocked otherwise. (That is, the whitelist takes precedence over the blacklist.) If there is no match, the request is allowed, subject to the category filtering settings above. HTTPS requests can also be blocked. Because the URL in an HTTPS request is encrypted, only the domain checks will be performed (www.foo.bar.com, foo.bar.com, bar.com, com, and the special catch-all *).
... View more