This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences

How to Block specific HTTPS Sites?

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements

How to Block specific HTTPS Sites?

PhLang
L1 Bithead

‎03-15-2018 07:17 AM

Hello,

 

I'm struggling to block some internal https sites.

 

I have to block various sites/urls of a server from a specific zone, while I have to keep some others open 

The urls look like:

https://servername.suff.dom:8443/aaa/bbb/ccc/ddd/eeeee_ff_application1

 

Now I have to block application1 to application 4, while keeping 5 to xx open. Btw I dont know how many applications there are on this host, because it is managed by another team.

 

So the goal is to keep the access open and block specific application-urls

 

What I have done so far and didnt work out:

Created a custom URL category with the urls to block in it and added it to a deny rule

Created an URL Filter setting all categories to allow and added the urls to the block list

 

Tried various url substrings:

servername.suff.dom:8443/aaa/bbb/ccc/ddd/eeeee_ff_application1

aaa/bbb/ccc/ddd/eeeee_ff_application1

/aaa/bbb/ccc/ddd/eeeee_ff_application1

 

Do you have any ideas how to do that?

 

Kind regards,

 

philip

 

0 Likes Likes
5 REPLIES 5

BPry
Cyber Elite
Cyber Elite

‎03-15-2018 07:29 AM

@PhLang,

Are you decrypting HTTPS traffic, because if not then 'abandon all hope ye who enter here'. 

0 Likes Likes

PhLang
L1 Bithead
In response to BPry

‎03-15-2018 07:35 AM

Of course I have an decryption policy otherwise I couldnt check the full url.

kind regards,

Philip

0 Likes Likes

BPry
Cyber Elite
Cyber Elite
In response to PhLang

‎03-15-2018 07:42 AM

@PhLang,

That's what I wanted to check, some thing that the firewall can see the full URL regardless of whether or not they decrypt the traffic. 

0 Likes Likes

PhLang
L1 Bithead
In response to BPry

‎03-15-2018 07:50 AM - edited ‎03-15-2018 07:50 AM

Hi,

 

thanks for the help! Maybe I was working too much today 🙂 Found the fault, regardless it was mine - there was a typo in the fqdn of the object....

 

kind reagards,

 

Philip

BPry
Cyber Elite
Cyber Elite
In response to PhLang

‎03-15-2018 07:50 AM

@PhLang,

I was trying to think of reasons why it wasn't working and couldn't really come up with any. Glad that you found the typo! 

0 Likes Likes
  • 2504 Views
  • 5 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!

LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2024 - Palo Alto Networks