Can bypass the url filtering by changing the URL in HTTP get request ?
Firewall rule deny connect to url deny.com and allow url allow.com
User try to connect to deny.com with IP adress a.b.c.d, user add item the host file or using plugin/extension of browsers to change http request to allow.com but destination ip address in packet is a.b.c.d
Firewall will allow the request, so user can connect to deny.com by IP address ?
For HTTPS the firewall can categorise it based on the certificate CN received, which is not something the client can falsify.
For plaintext HTTP traffic, the only information available is the HTTP host header, so it will be categorised based on that.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!