- Access exclusive content
- Connect with peers
- Share your expertise
- Find support resources
07-03-2024 12:30 AM - edited 07-03-2024 12:30 AM
Hello there,
I need to every pdf converter sites. Examples like pdf.io, tools.pdf24.org, lightpdf.com.
I need to block that site url that contains "pdf"
How to configure it ? Any help please ?
07-03-2024 12:07 PM
Hello,
Do you have ssl inspection applied? If so you should be able to do a custom app-id, possibly matching a the http-req information. This would also more than likely catch items that you wouldnt want to catch, but if you're goal is to block any url that contains "pdf" then a custom app-id and a block rule for that app-id should get the job done.
07-03-2024 12:18 PM
I'd caution that what you're attempting to do isn't viable and attempting to block any URL that requests a resource that contains 'pdf' is going to many false-positives and usability issues on other resources. Your best bet with something like this would be a "best effort" attempt to identify resources and listing them in an easily updated EDL that you'd manage to attempt to block this sort of thing and having a policy that it isn't to be done and anyone identified doing so will face consequences.
While a large amount of these resources will include "pdf" in the URL, not all of them do. If you setup a signature to block access to anything with PDF in http-req I'd be extremely mindful of the number of resources you'll actually end up blocking and whether or not that's actually something you want to do.
07-03-2024 12:07 PM
Hello,
Do you have ssl inspection applied? If so you should be able to do a custom app-id, possibly matching a the http-req information. This would also more than likely catch items that you wouldnt want to catch, but if you're goal is to block any url that contains "pdf" then a custom app-id and a block rule for that app-id should get the job done.
07-03-2024 12:18 PM
I'd caution that what you're attempting to do isn't viable and attempting to block any URL that requests a resource that contains 'pdf' is going to many false-positives and usability issues on other resources. Your best bet with something like this would be a "best effort" attempt to identify resources and listing them in an easily updated EDL that you'd manage to attempt to block this sort of thing and having a policy that it isn't to be done and anyone identified doing so will face consequences.
While a large amount of these resources will include "pdf" in the URL, not all of them do. If you setup a signature to block access to anything with PDF in http-req I'd be extremely mindful of the number of resources you'll actually end up blocking and whether or not that's actually something you want to do.
07-03-2024 11:27 PM
Many Thanks. I have created custom app, it worked fine.
07-03-2024 11:29 PM
Many thanks for the help and many more.
About false positive, I aiming for the pdf so I dont need to worry about that. Thanks !!! 😄 🙂
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!