URL Whitelist Nightmare

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.

URL Whitelist Nightmare

L3 Networker

I've tried without luck to add the URL 'addons.mozilla.org' to a whitelist. This URL falls under the 'shareware-and-freeware' category. This category is blocked. That's why I need to specify this explicitly in the whitelist. It just won't work.

My monitor tab shows it is allowed for that traffic, but looking at logs for URL filtering, I see it being block-url.

I've noticed that this had some other prefixes so I tried different combinations (below), with no luck:

*.addons.mozilla.org

addons.mozilla.org

addons.mozilla.org/

Any ideas?

1 accepted solution

Accepted Solutions

L5 Sessionator

Hello Martin,

Please add below URLs in allow list:

addons.mozilla.org

addons.mozilla.org/

addons.cdn.mozilla.net/

Regards,

Hari Yadavalli

View solution in original post

10 REPLIES 10

L4 Transporter

What are the details for why it's being blocked?

L5 Sessionator

Hi Martin,

Can you please attach the snapshot for the URL filtering logs where it says block-url. Thank you.

Not sure of the details you are referring to. I just get:

Category: shareware-and-freeware

Application: ssl

Action: block-URL

Application might be the issue here. With snapshot I wanted to look at the actual URL that was under URL Filtering logs.

In an SSL session, firewall does not have visibility on the HTTP GET message as that is also encrypted. I believe you do not have ssl decryption on the device?

You will need ssl decryption to allow or block ssl site with specific URLs. Hope this helps. Thank you.

I really doubt this has anything to do with SSL decryption. If I allow 'shareware-and-freeware' it works fine. I don't want to allow all access to shareware and freeware for security purposes though.

With that URL it should have worked.

Could you try following :

Instead of putting the URL, configure Custom URL Category and add

addons.mozilla.org

*.addons.mozilla.org

In separate lines. Remove the entries in the allow list under URL Filtering Profile. Then change the action to Alert for the custom category in the same URL Filtering profile. Commit the changes. Navigate to the site and see if the category still shows up as Shareware or new Custom Category. Please do attach the snapshot as well after making and committing those changes. Thank you.

L5 Sessionator

Hello Martin,

Please add below URLs in allow list:

addons.mozilla.org

addons.mozilla.org/

addons.cdn.mozilla.net/

Regards,

Hari Yadavalli

L3 Networker

Spot on...

I should add that i needed *.addons.mozilla.org as well

  • 1 accepted solution
  • 5085 Views
  • 10 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!