Hi...The requested URL domain is 'www.google-analytics.com' and this puts the domain in the ' computer-and-internet-info' category. If you do a pcap of the request to www.pokerstars.com, the response is a script that is redirecting to www.google-analytics.com.
Also verify if you have enabled (or disabled) to log container page only:
The URL Filtering feature can potentially generate a large amount of log entries. In order to reduce the log volume, you can configure a URL Filtering profile to only log container pages. This will only create a log entry for those URIs where the requested page file name matches certain mime-types. The default set includes the following mime-types:
You can add additional container page mime-types under Device -> Setup -> Content-ID -> Content-ID features -> Container Pages.
Note that when container page logging is enabled, there may not always be a correlated URL log entry for threats detected by Antivirus or Vulnerability Protection.
Hi rmonvon, thanks for your reply. I was going to do a pcap this morning to test. If this is the case, how are other people getting round this? I surely can't be the first person to try and block playboy and pokerstars (and it being allowed as its being re-categorised).
You should check your policy & URL filtering profile to ensure the web requests are hitting the correct rule. If your policy is set to block online-gambling and adult-and-pornography then those 2 sites should be blocked. If you still need help, please open a case with Support. Thanks.
We block adult-and-pornography and online-gambling and do not have that problem.
www.google-analytics.com does not fall under those categories, therefore it is classified correctly under the 'computer-and-internet-info' category. Google analytics is a tool used for web analytics and reporting, such as visitor site use and web statistics.
There may be a rule higher up that allows access, or the option to "log container page only" is disabled.
It isn't clear if your users actually can access those sites or not. If they can't access them, then the blocking rule works.
Side note: unfortunately it can no longer be inferred that a user "went" to one of those sites just because google analytics refers to them or because other sites host "like us" widgets.
We block social media but we also see a lot of 'hits' from pages that try to load badges and widgets from facebook or myspace. Can we ascertain that someone tried to actually go to facebook based on these hits? It is no longer that clear.
Sorted it, porrl, you were correct, it was getting allowed through on a rule higher up the policy, I was concentrating too much on the google-analytics bit rather than the policy as a whole. We amended that and all worked ok.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!
The Live Community thanks you for your participation!