This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences

Custom URL Category with Wildcards

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.

Custom URL Category with Wildcards

KiCheon.Lee
L4 Transporter

‎03-26-2013 10:33 PM

Hello

I have a question.

                              www.example.com     

                           _________|_________

                           |                               |

www.example.com/sales-team          www.example.com/marketing-team

My customer want function below

The sales team access "www.example.com" and "www.example.com/sales-team" , don't access "www.example.com/marketing-team"

So I create "www.example.com" and "www.example.com/sales-team" in customer url category and security rule.

But The sales team access all URI path by "www.example.com" (include "www.example.com/marketing-team")

Do you know anyone access only "www.example.com"???? don't access sub URI path??

What wildcards do I use???

Please, could someone help me?

Labels:
0 Likes Likes
1 REPLY 1

mikand
L6 Presenter

‎03-27-2013 12:10 AM

According to adminguide:

"

Block and allow lists support wildcard patterns. The following characters are considered separators:

.

/

?

&

=

;

+

Every substring that is separated by the characters listed above is considered a token. A token can be any number of ASCII characters that does not contain any separator character or *. For example, the following patterns are valid:

*.yahoo.com                              (Tokens are: "*", "yahoo" and "com")

www.*.com                              (Tokens are: "www", "*" and "com")

www.yahoo.com/search=*      (Tokens are: "www", "yahoo", "com", "search", "*")

The following patterns are invalid because the character “*” is not the

only character in the token.

ww*.yahoo.com

www.y*.com

"

* is considered wildcard but I cant find of any list that states if there are other characters with special features. I assume the + above doesnt mean "one or many" as with regexp.

One thing to test is if you set this up as:

1) Deny "www.example.com/*"

2) Allow "www.example.com"

But that would break probably everything with the site :smileysilly:

So you would probably need to construct it as (if above works and you can only reach the root):

1) Allow "www.example.com/pics/*", "www.example.com/scripts/*"

2) Deny "www.example.com/*"

3) Allow "www.example.com"

Regarding your sales vs marketing team:

1) Deny User: Sales, "www.example.com/marketing-team"

2) Deny User: Marketing, "www.example.com/sales-team"

3) Allow User: Sales and Marketing, "www.example.com"

However note that some sites uses CDN's or for that matter suddently alter their URI's etc which gives that if "www.example.com/sales-team" changes into "www.example.com/sale-team" and you didnt uptime your filters the marketing will be able to reach the sale-team stuff.

  • 2207 Views
  • 1 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!

LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2024 - Palo Alto Networks