"Stupid" Custom URL Filtering Question

Reply
L4 Transporter

"Stupid" Custom URL Filtering Question

If I want to block all derivations of "acme.com" in URL filtering how should I format the domain in my blocklist/custom blocking category?

If I add "acme.com" then that doesn't appear to match "www.acme.com", but if I add "*.acme.com" then it doesn't match "acme.com" (although it does it that redirects to another URL such as www.acme.com).

Ultimately I wan to be able to say I am blocking ALL traffic associated with a specific domain with as few repeated entries as possible!

Cheers


Accepted Solutions
Highlighted
L5 Sessionator

Re: "Stupid" Custom URL Filtering Question

You should be able to block www.acme.com and acme.com with the patterns:

*.acme.com

acme.com

View solution in original post


All Replies
Highlighted
L5 Sessionator

Re: "Stupid" Custom URL Filtering Question

You should be able to block www.acme.com and acme.com with the patterns:

*.acme.com

acme.com

View solution in original post

Highlighted
L4 Transporter

Re: "Stupid" Custom URL Filtering Question

Thanks - this is what I thought - is this 'behavior by design'?

However, as I understand it this means that if I add:-

acme.com

*.acme.com

and they add a new tier:-

bypass.www.acme.com

then it won't match my filters and will be allowed, and I'll need to add:-

*.*.acme.com

Seems a bit cack-handed - and reactionary - when all I want to do is say - block "ACME"..!

Highlighted
L5 Sessionator

Re: "Stupid" Custom URL Filtering Question

Yes, this is expected. When you need to block bypass.www.acme.com, the wildcard to be used will be *.*.acme.com.

Highlighted
L4 Transporter

Re: "Stupid" Custom URL Filtering Question

Hi There,

Here is a thread with some more expansion on all the delimiters other than 'dots'.

Thanks

James

Highlighted
L6 Presenter

Re: "Stupid" Custom URL Filtering Question

When you setup:

acme.com

*.acme.com

doesnt that second line include what.ever.www.acme.com ?

And to answer apackard: this is quite common when it comes to url-filtering, I have seen this behaviour on more devices than PA. I guess those who doesnt have this in the GUI will actually do the same thing in the backend.

Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!

The Live Community thanks you for your participation!