04-07-2022 07:30 AM
I am trying to make a rule hit on a custom URL filtering profile with HTTP header insertion for postman traffic to be allowed, so I created a URL filtering profile with a custom URL category in order to allow the specific URL ( /upload/ subdirectory specifically and not the whole domain as I am not trying to avoid scanning the rest of the subfolders) which postman is trying to access on my server. (screenshots below)
but the rule doesn’t get any hits, it instead skips it and hits a later rule that’s blocking postman’s traffic as malicious while I am trying to make it hit to whitelist access to this specific subdirectory.
I am not using app-id (but the traffic is getting caught in a following policy as web-browsing), just tcp port 9000 for traffic (as seen in the policies screenshot)
Am I using the URL filtering parameters correctly? (I verified the header id in postman, and the domain in the http header I defined is exactly the one that’s getting blocked in the threat logs)
04-08-2022 09:45 AM
Are you decrypting the traffic? Depending on how TLS is set up, you may not see any more than the FQDN unless decrypted.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
