This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences

Query on URL filtering

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.

Query on URL filtering

Go to solution
amocherla
L0 Member

‎03-20-2019 01:28 PM

I found this article on URL filtering.

My question is how is *.baidu.com not allowing mp3.baidu.com or news.baidu.com as well

What does *. signify or equate to this scenario.

 

ALso is there is any need or scenario in which we would need to add 

www.baidu.com

*.baidu.com as rules in Custom URL category.

 

Any Help would be appreciated.

 

 

HOW TO ALLOW ONE URL AND BLOCK OTHER ASSOCIATED URLS

11171
Created On 02/07/19 23:48 PM - Last Updated 02/07/19 23:48 PM
URL FILTERING

Resolution

 

Overview

This describes how to allow a single URL and block other associated URLs. In this example www.baidu.com will be allowed but mp3.baidu.com and news.baidu.com will be blocked.

 

Steps

Use one of the following two configuration options.

Option 1: Use URL Category

  1. Go to Objects > Custom URL Category, and create a category called "Baidu," for example. Add "*.baidu.com" to the category.
  2. Go to Objects > Custom URL Category, and create a category called "Everything," for example. Add "*" to the category. This will cover all URLs.
  3. Add a security policy that permits from any to any.
  4. Under Service/URL Category, add the category "Baidu."
  5. Add another security policy that blocks from any to any. Under Service/URL Category add the category "Everything."
    The first rule should permit access to *.baidu.com, while the second rule should act as a catch-all rule that blocks access to all URLs.

 

Option 2: Use URL filtering

  1. Go to Objects > Custom URL Category, and create a category called "Baidu" for example. Add "*.baidu.com" to the category.
  2. Go to Objects > URL Filtering, and create a url filtering profile called "Baidu-URL."
  3. Select the category "Baidu" to allow and the rest of the categories to block. This will block all URLs except www.baidu.com.
  4. Add a security policy that permits from any to any. Under Actions > Profile Setting > Profile Type <select profiles>, select the url filtering profile "Baidu-URL."
    Note: This rule should only permit access to *.baidu.com.

 

owner:  bpappas

0 Likes Likes
2 accepted solutions

Accepted Solutions

Go to solution
OtakarKlier
Cyber Elite
Cyber Elite

‎03-20-2019 02:01 PM

Hello,

Looks like a typo in the document. *.baidu.com would allow mp3.baidu.com or news.baidu.com. 

 

Good catch!

View solution in original post

Go to solution
BPry
Cyber Elite
Cyber Elite

‎03-20-2019 04:11 PM

@amocherla,

As @OtakarKlier mentioned the document is wrong. *.baidu.com would still allow anything.baidu.com. You can however do this easily enough, you simply need to keep in mind the order of the firewall processes the request:

 

URL Filtering

1) Block List

2) Allow List

3) Custom Categories

4) Cache

5) Pre-Defined Categories

 

URL Categorie Actions:

1) Block

2) Override

3) Continue

4) Alert

5) Allow

 

I think this is what the article was trying to get at; one thing to keep in mind with the knowledgebase is that any Palo employee can make an entry, so they aren't always actually right

View solution in original post

3 REPLIES 3

Go to solution
OtakarKlier
Cyber Elite
Cyber Elite

‎03-20-2019 02:01 PM

Hello,

Looks like a typo in the document. *.baidu.com would allow mp3.baidu.com or news.baidu.com. 

 

Good catch!

Go to solution
BPry
Cyber Elite
Cyber Elite

‎03-20-2019 04:11 PM

@amocherla,

As @OtakarKlier mentioned the document is wrong. *.baidu.com would still allow anything.baidu.com. You can however do this easily enough, you simply need to keep in mind the order of the firewall processes the request:

 

URL Filtering

1) Block List

2) Allow List

3) Custom Categories

4) Cache

5) Pre-Defined Categories

 

URL Categorie Actions:

1) Block

2) Override

3) Continue

4) Alert

5) Allow

 

I think this is what the article was trying to get at; one thing to keep in mind with the knowledgebase is that any Palo employee can make an entry, so they aren't always actually right

Go to solution
amocherla
L0 Member
In response to BPry

‎03-20-2019 09:26 PM

Thank you for the explanation Bpry.

Is there any scenraio where you would right a URL rule like 

 

Both in Allow rule,

 

sega.com 

*.sega.com/*.   "This statement includes the First URL right, correct me If I am wrong.

 

Thank you

0 Likes Likes
  • 2 accepted solutions
  • 4435 Views
  • 3 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!

LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2024 - Palo Alto Networks