https://live.paloaltonetworks.com/t5/general-topics/how-to-block-browser-extensions/m-p/269307#M74605 <P>Have you enabled SSL Decryption?&nbsp; Since the Chrome Web Store runs over SSL, and if you're not using SSL Decryption, then your choice becomes permitting all extensions or blocking all extensions.&nbsp;&nbsp;</P><P>&nbsp;</P><P>However, if you focus on the traffic generated by the "searchencrypt" extension - that's something much easier to target without collatteral damage.&nbsp; You're not necessarily stopping users from downloading the extension, but these options will prevent the extension from working.&nbsp;&nbsp;</P><P>&nbsp;</P><P>The easiest way would be to use the URL Filtering engine and block the "proxy-avoidance-and-anonymizers" URL category - that will stop the searchencrypt extension from working.&nbsp; Two upsides to this method:&nbsp; 1.) it would block other/similar extensions which have been categorized as proxies by our URL filtering engine, and 2.) it can provide some visual feedback through the URL Response Pages.&nbsp; The error page can be customized to your environment and provide additional information to the user receiving the message.&nbsp;</P><P>&nbsp;</P><P>Here's a screenshot after blocking that URL category:</P><P>&nbsp;</P><P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="searchencrypt.PNG" style="width: 400px;"><img src="https://live.paloaltonetworks.com/t5/image/serverpage/image-id/20370i4A952E2083BEDEC9/image-size/medium/is-moderation-mode/true?v=v2&amp;px=400" role="button" title="searchencrypt.PNG" alt="searchencrypt.PNG" /></span></P><P>&nbsp;</P><P>If you don't have the URL filtering subscription, I believe you can still create custom URL categories.&nbsp; Add "searchencrypt.com" and "*.searchencrypt.com" to a custom URL category and deny access to that category.&nbsp;&nbsp;</P><P>&nbsp;</P><P>Another option if you don't have the URL filtering subscription:&nbsp; create a custom AppID signature.&nbsp; I configured one that looks for "searchencrypt.com" in the SSL Response Certificate context of the SSL decoder.&nbsp; Here's a screenshot with most of the information you'd need to create the custom application signature:</P><P>&nbsp;</P><P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="searchencrypt2.PNG" style="width: 394px;"><img src="https://live.paloaltonetworks.com/t5/image/serverpage/image-id/20371iE6EC4631E775CFC6/image-size/medium/is-moderation-mode/true?v=v2&amp;px=400" role="button" title="searchencrypt2.PNG" alt="searchencrypt2.PNG" /></span></P><P>&nbsp;</P><P>And here's a screenshot from the traffic log showing it blocking based on the custom AppID signature:</P><P>&nbsp;</P><P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="appid-searchencrypt.PNG" style="width: 400px;"><img src="https://live.paloaltonetworks.com/t5/image/serverpage/image-id/20372i8E2FA2B426F5E844/image-size/medium/is-moderation-mode/true?v=v2&amp;px=400" role="button" title="appid-searchencrypt.PNG" alt="appid-searchencrypt.PNG" /></span></P> Wed, 12 Jun 2019 16:49:16 GMT jvalentine 2019-06-12T16:49:16Z https://live.paloaltonetworks.com/t5/general-topics/how-to-block-browser-extensions/m-p/269258#M74599 <P>Hello,</P><P>&nbsp;</P><P>Does anybody know if it is possible to block specific browser extensions from being downloaded?</P><P>I would like to block the searchencrypt browser extension.</P><P>&nbsp;</P><P>Thanks</P><P>&nbsp;</P> Wed, 12 Jun 2019 15:39:43 GMT https://live.paloaltonetworks.com/t5/general-topics/how-to-block-browser-extensions/m-p/269258#M74599 KatiaNunez 2019-06-12T15:39:43Z https://live.paloaltonetworks.com/t5/general-topics/how-to-block-browser-extensions/m-p/269307#M74605 <P>Have you enabled SSL Decryption?&nbsp; Since the Chrome Web Store runs over SSL, and if you're not using SSL Decryption, then your choice becomes permitting all extensions or blocking all extensions.&nbsp;&nbsp;</P><P>&nbsp;</P><P>However, if you focus on the traffic generated by the "searchencrypt" extension - that's something much easier to target without collatteral damage.&nbsp; You're not necessarily stopping users from downloading the extension, but these options will prevent the extension from working.&nbsp;&nbsp;</P><P>&nbsp;</P><P>The easiest way would be to use the URL Filtering engine and block the "proxy-avoidance-and-anonymizers" URL category - that will stop the searchencrypt extension from working.&nbsp; Two upsides to this method:&nbsp; 1.) it would block other/similar extensions which have been categorized as proxies by our URL filtering engine, and 2.) it can provide some visual feedback through the URL Response Pages.&nbsp; The error page can be customized to your environment and provide additional information to the user receiving the message.&nbsp;</P><P>&nbsp;</P><P>Here's a screenshot after blocking that URL category:</P><P>&nbsp;</P><P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="searchencrypt.PNG" style="width: 400px;"><img src="https://live.paloaltonetworks.com/t5/image/serverpage/image-id/20370i4A952E2083BEDEC9/image-size/medium/is-moderation-mode/true?v=v2&amp;px=400" role="button" title="searchencrypt.PNG" alt="searchencrypt.PNG" /></span></P><P>&nbsp;</P><P>If you don't have the URL filtering subscription, I believe you can still create custom URL categories.&nbsp; Add "searchencrypt.com" and "*.searchencrypt.com" to a custom URL category and deny access to that category.&nbsp;&nbsp;</P><P>&nbsp;</P><P>Another option if you don't have the URL filtering subscription:&nbsp; create a custom AppID signature.&nbsp; I configured one that looks for "searchencrypt.com" in the SSL Response Certificate context of the SSL decoder.&nbsp; Here's a screenshot with most of the information you'd need to create the custom application signature:</P><P>&nbsp;</P><P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="searchencrypt2.PNG" style="width: 394px;"><img src="https://live.paloaltonetworks.com/t5/image/serverpage/image-id/20371iE6EC4631E775CFC6/image-size/medium/is-moderation-mode/true?v=v2&amp;px=400" role="button" title="searchencrypt2.PNG" alt="searchencrypt2.PNG" /></span></P><P>&nbsp;</P><P>And here's a screenshot from the traffic log showing it blocking based on the custom AppID signature:</P><P>&nbsp;</P><P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="appid-searchencrypt.PNG" style="width: 400px;"><img src="https://live.paloaltonetworks.com/t5/image/serverpage/image-id/20372i8E2FA2B426F5E844/image-size/medium/is-moderation-mode/true?v=v2&amp;px=400" role="button" title="appid-searchencrypt.PNG" alt="appid-searchencrypt.PNG" /></span></P> Wed, 12 Jun 2019 16:49:16 GMT https://live.paloaltonetworks.com/t5/general-topics/how-to-block-browser-extensions/m-p/269307#M74605 jvalentine 2019-06-12T16:49:16Z https://live.paloaltonetworks.com/t5/general-topics/how-to-block-browser-extensions/m-p/269308#M74606 <P><a href="https://live.paloaltonetworks.com/t5/user/viewprofilepage/user-id/22017">@jvalentine</a>thanks for your help.</P><P>I will try with blocking the url. If that does not work, I will use the other 2 suggestions you explained. <span class="lia-unicode-emoji" title=":slightly_smiling_face:">🙂</span></P> Wed, 12 Jun 2019 17:14:12 GMT https://live.paloaltonetworks.com/t5/general-topics/how-to-block-browser-extensions/m-p/269308#M74606 KatiaNunez 2019-06-12T17:14:12Z