https://live.paloaltonetworks.com/t5/general-topics/stop-web-browsing-to-ssl/m-p/195729#M58414 <P>Hi&nbsp;<a href="https://live.paloaltonetworks.com/t5/user/viewprofilepage/user-id/37650">@Jordan_Roebuck</a>,</P> <P>&nbsp;</P> <P>I don't think there's an easy way to do this.</P> <P>&nbsp;</P> <P>You could decrypt the traffic and do a pattern match on all the different User-Agent strings that you can find in the header information.&nbsp; You can identify different browsers that way and block traffic accordingly ... but the list will be enormous and hard to keep updated.</P> <P>&nbsp;</P> <P>An old example :</P> <P><A href="https://live.paloaltonetworks.com/t5/Configuration-Articles/How-to-Block-Google-Chrome/ta-p/57997" target="_blank">https://live.paloaltonetworks.com/t5/Configuration-Articles/How-to-Block-Google-Chrome/ta-p/57997</A></P> <P>&nbsp;</P> <P>Cheers !</P> <P>-Kiwi.</P> Thu, 18 Jan 2018 13:18:31 GMT kiwi 2018-01-18T13:18:31Z https://live.paloaltonetworks.com/t5/general-topics/stop-web-browsing-to-ssl/m-p/195698#M58410 <P>The external IP of our WiFi controller requires 443 to be open to the internet, so we have this open on our inbound rule&gt;external IP of the controller.&nbsp; 443 needs to be open but we don't want this to be accessible via a web browser - as currently this rule allows the external IP to be accessed via https. Is there a way of stopping this behavior? Many thanks.</P> Thu, 18 Jan 2018 11:53:27 GMT https://live.paloaltonetworks.com/t5/general-topics/stop-web-browsing-to-ssl/m-p/195698#M58410 Jordan_Roebuck 2018-01-18T11:53:27Z https://live.paloaltonetworks.com/t5/general-topics/stop-web-browsing-to-ssl/m-p/195729#M58414 <P>Hi&nbsp;<a href="https://live.paloaltonetworks.com/t5/user/viewprofilepage/user-id/37650">@Jordan_Roebuck</a>,</P> <P>&nbsp;</P> <P>I don't think there's an easy way to do this.</P> <P>&nbsp;</P> <P>You could decrypt the traffic and do a pattern match on all the different User-Agent strings that you can find in the header information.&nbsp; You can identify different browsers that way and block traffic accordingly ... but the list will be enormous and hard to keep updated.</P> <P>&nbsp;</P> <P>An old example :</P> <P><A href="https://live.paloaltonetworks.com/t5/Configuration-Articles/How-to-Block-Google-Chrome/ta-p/57997" target="_blank">https://live.paloaltonetworks.com/t5/Configuration-Articles/How-to-Block-Google-Chrome/ta-p/57997</A></P> <P>&nbsp;</P> <P>Cheers !</P> <P>-Kiwi.</P> Thu, 18 Jan 2018 13:18:31 GMT https://live.paloaltonetworks.com/t5/general-topics/stop-web-browsing-to-ssl/m-p/195729#M58414 kiwi 2018-01-18T13:18:31Z