Guest User!

You are not Sophos Staff.

Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 4 replies
  • Subscribers 27 subscribers
  • Views 1496 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

XGS Web Filtering - content filtering not working

Aaron Becker

XGS under Protect > Web

On the far right, I select the three dots, select Content Filtering and upload a text list that has a few test terms in it.

In my web filtering policy I apply the following:

But when I apply/save and go to testwebsite.com/disallowedterm (where 'disallowedterm') is on the txt I uploaded, the site is still allowed. What gives?



This thread was automatically locked due to age.
  • FormerMember
    0 FormerMember

    Hello ,

    Thank you for reaching out to Sophos Community.

    Could you please post a configuration snapshot of 'Web filtering' from a firewall rule?

    Please share what terms you've added in 'test-terms' content filter and also share the URL which you're trying to access so that I could try to implement the same in my LAB environment.

    Ensure that HTTPS scanning is enabled in web filtering.

  • 0 in reply to FormerMember

    Web filtering is as follows: Checking the highlighted item made no difference in the results, btw.

    The test-terms list included many subjectively inappropriate sexual related terms. One of the less offense ones was "boobs" at a clients request and a website called "thechive.com" with a sub url with "boobs" in the string still appeared accessible.

    I also tried adding the word "blogs" to the list, and accessing my domains blog section (mydomain.com/blogs) which should've been blocked and was not.

  • 0 in reply to Aaron Becker

    Hello Aaron,

    Adding to what my co-worker Yash mentioned, make sure "Scan HTTP and decrypted HTTPs" is also selected".

    I would recommend you to try creating a Category, with the Domain and Keyword, rather than a Content Filter. 

    Regards,

  • 0 in reply to emmosophos

    I'll try that in some testing this evening with the Scan HTTP and decrypted HTTPS - but we also have to test the effects of how SSL scanning will affect our environment.

    It's my understanding the category > domain / keyword needs to be in domain format via FQDN - and does not work for wildcards or regex keywords. Am I mistaken in that understanding?