10-14-2022 10:38 AM
Hi everyone
Can bypass the url filtering by changing the URL in HTTP get request ?
For example
Firewall rule deny connect to url deny.com and allow url allow.com
User try to connect to deny.com with IP adress a.b.c.d, user add item the host file or using plugin/extension of browsers to change http request to allow.com but destination ip address in packet is a.b.c.d
Firewall will allow the request, so user can connect to deny.com by IP address ?
Thanks
10-15-2022 03:03 PM
For HTTPS the firewall can categorise it based on the certificate CN received, which is not something the client can falsify.
For plaintext HTTP traffic, the only information available is the HTTP host header, so it will be categorised based on that.
10-16-2022 07:34 PM
Thank you for reply. Could you share some more detail information ?
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
