Block wetransfer Upload

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.

Block wetransfer Upload

L1 Bithead

 

Hello everyone,

I have a problem with allowing wetransfer to download and blocking the download,

Wetransfer is part of the 'Online-storage-and-backup' category.

The choice is to block this category and create a bypass just for downloading on wetransfer,

On my side, I tried to create a URL whitlist category:
we.tl/*
wetransfer.com/downloads/*

Do you have any idea how I can do this?

1 accepted solution

Accepted Solutions

L0 Member

If I understood you correctly and you want to block WeTransfer Upload while allowing Download you just need to create two rules based on app-id:

  1. Allow apps "wetransfer-base" & "wetransfer-downloading" 
  2. Block app "wetransfer-uploading"

The latter one may not even be required if you have a default blocking rule later in the policy. And you do not need to use a URL category as a matching criterion in neither of these rules. 

View solution in original post

4 REPLIES 4

L0 Member

If I understood you correctly and you want to block WeTransfer Upload while allowing Download you just need to create two rules based on app-id:

  1. Allow apps "wetransfer-base" & "wetransfer-downloading" 
  2. Block app "wetransfer-uploading"

The latter one may not even be required if you have a default blocking rule later in the policy. And you do not need to use a URL category as a matching criterion in neither of these rules. 

L1 Bithead

@nmatveev Thank's, it's good 🙂 

L1 Bithead

@nmatveev 

I am faced with a new problem,
wetransfer is also part of the "Online Storage and Backup" category which is in block,
so how do i fit my rule to make it work?

Do you mean you have it blocked in a URL-filtering profile that is assigned to the wetransfer rules or somewhere else?

 

If the former is the case then you simply need to use a URL-filtering profile with either all categories set to "alert" or, better, set only malicious categories to "Block" (see "Block Recommended" section in this article https://live.paloaltonetworks.com/t5/blogs/url-filtering-category-recommendations/ba-p/325701) and all others, including the "Online Storage and Backup" category, to "Alert". 

 

If the latter is the case, well, then you need to allow it somehow... There are several ways of achieving this depending on your environment and business requirements. For example, you could have the same AD group assigned to the "wetransfer" rule and a rule that would allow "ssl and web-browsing" to the "Online Storage and Backup" category (that category would need to be set as the matching criterion, on the "Service/URL category" tab; the URL profile in that rule would need to be set to "Alert" only on all categories).

 

  • 1 accepted solution
  • 4895 Views
  • 4 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!