I set up website management (as described here) to block specific websites (mainly phishing).
This works completely fine for full domains and when I add a domain it is blocked on endpoints after just a few seconds.
However, the problem is that this simply does not work for URLs even though the article explicitly mentions URLs.
To be more specific:
One of our employees received a mail with a link to https://storage.googleapis.com/maliciousapp/index.html (not the real URL of course).
Instead of blocking the domain storage.googleapis.com (which would block all Google storage websites and is not wanted) I want to block just the URL https://storage.googleapis.com/maliciousapp/index.html or https://storage.googleapis.com/maliciousapp/ and all subsites.
The URL is still accessible when I add the full URL to website management and select our blacklist tag (which is configured to be blocked under Web Control policy)
When I remove the /maliciousapp/index.html part of the URL the domain is blocked (and the URL too).
Is this simply not working as described in the article, did I misinterpret the article or is my configuration wrong?
This thread was automatically locked due to age.
