Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 6 replies
  • Subscribers 27 subscribers
  • Views 3845 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Apply URL RegEx Exceptions to Individual Web Filtering Policies

tscott_16

I need to use RegEx URL exceptions only for specific Web Filtering policies; not globally.

 

If I add the RegEx under Exceptions, it applies globally to all policies.

URL Groups can be applied per policy but do not accept RegEx.

 

What am I missing?



This thread was automatically locked due to age.
Parents Reply Children
  • 0 in reply to tscott_16

    tscott_16 said:

    I'm needing to create web filtering exceptions to allow certain services but apply them only to specific policies instead of applying them globally from Web > Exceptions.

    That is a solution that is not possible.  I'm trying to understand the problem that you are trying to solve in order to help you with an alternate solution.  Without knowing what problem you are experiencing or trying to resolve I cannot help.

     

    For example "When most people go to https xyz.com I want to do HTTPS scanning, but some users/devices cannot install the certificate and do HTTPS scanning, so I want to exclude them".  That is a problem that could be solved without exceptions.

  • 0 in reply to Michael Dunn

    So an example that I just encountered yesterday is I want to block the "Download Freeware & Shareware" category but that includes the Google Play Store. I want to allow Google Play Store URLs only for specific web filtering policies and not globally for all.

  • +1 in reply to tscott_16

    So this is a whitelist of domains you want to override a category block.

     

    Create a URL group object and put in all the Google Play store domains.

    In the web policy, have a higher level rule that allows the URL group, and then a lower level rule that blocks the category.

     

    Alternately you can use a Custom Category rather than a URL group, the results are similar.

     

    Some more info:

    https://community.sophos.com/kb/en-us/124370

    https://community.sophos.com/kb/en-us/127270

  • 0 in reply to Michael Dunn

    Great. I think this is the answer. It looks like even though URL groups do not support RegEx, there is enough flexibility to do what I need to. Thanks!