This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences

Enhanced Security Measures in Place:   To ensure a safer experience, we’ve implemented additional, temporary security measures for all users.

URL Filtering and SSL sites

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements

URL Filtering and SSL sites

Go to solution
Wusu
L1 Bithead

‎11-05-2013 08:55 AM

Hi all,

I have a question regarding URL filtering. I set up URL filtering in Security Profiles to "Continue" for Social Networking. I noticed that if i open the first site under social networking, i get the response page "to continue", after that if i open the 2nd social networking i do not get any prompt, it just opens. And the same for any web sites under social networking. But if i open a site with https, i get a "page cannot be displayed". For example i opened https://socialnetworking.sites i get an error but if i open http://socialnetworking.sites  i get the prompt to continue or it just opens (if another site in that category is already opened). The problem is most sites automatically re-directs from http to https. Is that the way URL Filtering works?  If not how can i make URL filtering works so that each and every site that falls under the URL category shows the prompt to continue and also not shows "page cannot be displayed" when the address contains https. Thanks

1 accepted solution

Accepted Solutions

Go to solution
kadak
L5 Sessionator

‎11-05-2013 10:12 AM

Hello Wusu,

For HTTPS websites, you would require to get a 'Continue' page for URL filtering.

For example,

If you don't configure SSL decryption, you will still get a continue page for http://www.facebook,com

But for the https version of facebook.com, you would configure the SSL decryption as follows:

continue_page_https.PNG.png

After including the correct URL category in the SSL decryption policy, the following page is presented :

conitue_1.PNG.png

Notice the continue page is presented for an https version of facebook.com

Hope that helps!

Thanks and regards,

Kunal Adak

View solution in original post

0 Likes Likes
3 REPLIES 3

Go to solution
kadak
L5 Sessionator

‎11-05-2013 10:12 AM

Hello Wusu,

For HTTPS websites, you would require to get a 'Continue' page for URL filtering.

For example,

If you don't configure SSL decryption, you will still get a continue page for http://www.facebook,com

But for the https version of facebook.com, you would configure the SSL decryption as follows:

continue_page_https.PNG.png

After including the correct URL category in the SSL decryption policy, the following page is presented :

conitue_1.PNG.png

Notice the continue page is presented for an https version of facebook.com

Hope that helps!

Thanks and regards,

Kunal Adak

0 Likes Likes

Go to solution
Wusu
L1 Bithead
In response to kadak

‎11-05-2013 11:57 AM

Hi Kadak,

Thanks for your answer! I am very positive it  is going to work. But we haven't decided on decryption yet and hence no certificate for forward trust. Is there a work-around to make it work without the certificate? Thanks

Regards

Wusu

0 Likes Likes

Go to solution
Wusu
L1 Bithead
In response to Wusu

‎11-05-2013 12:40 PM

Hi Kadak,

i tested it and it works perfectly. Big thanks!

0 Likes Likes
  • 1 accepted solution
  • 3264 Views
  • 3 replies
  • 1 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!

LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2024 - Palo Alto Networks