03-07-2018 02:02 PM
Kinda. The only way I can think of to actually acomplish this would be to build a custom application based on HTTP-Headers. If you do a pattern match you shouldn't have an issue pulling the referrer information. Then you can allow/block this application through your security policies.
03-09-2018 05:27 AM
Hi @BPry
We have a scenario where Internet access is blocked by default for most of users and the access is allowed by a custom URL object that have a list of URL or FQDN.
I found a traffic related to one of the allowed FQDN that uses http referrer but is denied because the FQDN inside the URI is not inside the white list but it has into the http referrer the allowed FQDN.
Based on it I'm trying to allow this traffic based in this http field.
I didn't find the http referrer attribute inside the available options to http protocol when I was building the custom app.
As we don't have a testing environment to homologate this custom app I'd like to ask you if I'm in the right way to match this kind of traffic and allowed.
Below I put the options I worked to build the custom app.
Application / Signatures
Signatures Name: http-scup
Scope: Transaction
Operator: Pattern Match
Context: http-req-params
Pattern: www.domain.com
Qualifier: http-method GET
Thanks for your time.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
