Possible to apply "warn" action to an FQDN host group?

Hello LRSFC_DanJ ,

Thank you for reaching out to the community, I am afraid it would not be possible !

This would be a Feature Request; I'd recommend you reach out to your Account Manager, Sales Engineer, or Sales Representative so that they can enter this request into our system. 

Additionally, you can use the in-product feedback in the Sophos Firewall located in the Top Menu Bar.

=============================================================================================

As of now under the web policy, we can apply the warn action to only users and groups only:

Sorry, I have not worded my question correctly, I meant in the Activities column can we have an FQDN host group?

Not FQDN hostgroup but you can create a custom category and in that allow keyword or certain domain !

OK but the specific situation I was asking about is when we have a Warn action on a website URL, for example frontier.co.uk, and then if the user clicks Proceed on the warning, we also want to enable the website's image CDNs to work as well (zaonce.net in this example).

I did not understand, considering the game website, I added the category games to warn and I achieved the following:
And both the URLs:
zaonce.net & frontier.co.uk fall into Games category, so if add a game category to warn it will display the page below and upon clicking on proceed, it will be accessible !!



So, what is that you are trying to achieve after this ? LRSFC_DanJ 

What you want to achieve is: When the user opens a "warned" website, all requests that are necessary (for that website) such as CDN's should also be allowed?

If that's what you want, then you won't be able to use FQDN Host Group for it. You will have to use the "Categories" option of Web Filtering. (And manually add all domains that are necessary.)

But be aware, it won't work as you expect, after the user passes through the warning any future requests to those URLs will be allowed, such as, if you allow AWS S3 through the category, the user will be able to access it directly - without having to access "frontier.co.uk".

You are correct in regards to what I want to achieve, yes. But it sounds like it is not possible. Thank you for your help anyway.

Hello Vivek,

I'll clarify a bit more clearly.

The website frontier.co.uk uses another site zaonce.net to host its images. So if you click proceed on frontier.co.uk, the website will load, but it will not have any images showing, because zaonce.net will still be blocked by the warning notice, but the user won't see that one.

That's right, hence if you allow the game category under the policies and then you access the  frontier.co.uk, users will be able to see the images from zaonce.net cause both the sites fall in the same category.

We block Games though, we don't want to allow the whole Games category, we just want to allow this one site as you cannot actually play games on the site, it's for our Careers department to be able to link to their jobs page.