How to Block specific HTTPS Sites?

cancel
Showing results for 
Search instead for 
Did you mean: 

How to Block specific HTTPS Sites?

L1 Bithead

Hello,

 

I'm struggling to block some internal https sites.

 

I have to block various sites/urls of a server from a specific zone, while I have to keep some others open 

The urls look like:

https://servername.suff.dom:8443/aaa/bbb/ccc/ddd/eeeee_ff_application1

 

Now I have to block application1 to application 4, while keeping 5 to xx open. Btw I dont know how many applications there are on this host, because it is managed by another team.

 

So the goal is to keep the access open and block specific application-urls

 

What I have done so far and didnt work out:

Created a custom URL category with the urls to block in it and added it to a deny rule

Created an URL Filter setting all categories to allow and added the urls to the block list

 

Tried various url substrings:

servername.suff.dom:8443/aaa/bbb/ccc/ddd/eeeee_ff_application1

aaa/bbb/ccc/ddd/eeeee_ff_application1

/aaa/bbb/ccc/ddd/eeeee_ff_application1

 

Do you have any ideas how to do that?

 

Kind regards,

 

philip

 

5 REPLIES 5

Cyber Elite
Cyber Elite

@PhLang,

Are you decrypting HTTPS traffic, because if not then 'abandon all hope ye who enter here'. 

Of course I have an decryption policy otherwise I couldnt check the full url.

kind regards,

Philip

@PhLang,

That's what I wanted to check, some thing that the firewall can see the full URL regardless of whether or not they decrypt the traffic. 

Hi,

 

thanks for the help! Maybe I was working too much today 🙂 Found the fault, regardless it was mine - there was a typo in the fqdn of the object....

 

kind reagards,

 

Philip

@PhLang,

I was trying to think of reasons why it wasn't working and couldn't really come up with any. Glad that you found the typo! 

Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!