Guest User!

You are not Sophos Staff.

Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 2 replies
  • Subscribers 26 subscribers
  • Views 7433 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Web Filter URL group does not accept RegEx?

Someone7272

I'm trying to move over to XG from Sophos UTM. But I can't seem to define RegEx patterns in the Web Filter using the URL Group.

I try to enter ^https?://([A-Za-z0-9.-]*\.)?craigslist/

e.g. I want to block ALL craigslist domains, including global ones...

and I get You must enter a valid domain name

Now I thought URL Group allows RegEx expressions, unlike defining a custom web category using only domain names.

Is there something trivial that I'm missing, or is there more to this?

We're still using Sophos UTM on a Virtual Machine, but I'm also demoing Sophos XG during downtime, in order to test drive it without disrupting the household. Once I can get XG working how I'd like it to, I will migrate.



This thread was automatically locked due to age.
Parents
  • 0

    Hi,

    Define a Web Filter category and add craigslist domain and keyword. Define it as an unproductive category and block it within the global web filter policy. This will be a more simpler approach. PFA screenshot.

    Thanks

  • 0 in reply to sachingurung

    Thanks for the reply, but it won't work in this situation.

    Domain blocking will not work because what exactly is the craigslist domain? Is it craigslist.com, craigslist.it, craigslist.co.uk, craigslist.org or even craigslist.fr?

    You get the picture, it isn't practical to block all of these, and this is why I wanted to use Regular Expressions. The keyword blocking could work, but could also end up blocking legitimate sites which merely reference Craigslist. Note that Craigslist was only used here as an example, there are many other sites which have multiple country-level TLD domains.

    The Craigslist example probably wasn't a very good one. Consider this real-life scenario:

    • I have an iPhone. It's an old 4S running iOS 6.
    • I don't want it to be updated beyond iOS 6.
    • Apple iOS 5 or later has an auto-update agent which cannot be disabled.
    • On Sophos UTM, I can add this expression to a RegEx blacklist: http://appldnld.apple.com/iOS(7|8|9)
    • This would block requests for new versions of iOS, but NOT the entire domain.

    This is what I'm trying to achieve in Sophos XG.

Reply
  • 0 in reply to sachingurung

    Thanks for the reply, but it won't work in this situation.

    Domain blocking will not work because what exactly is the craigslist domain? Is it craigslist.com, craigslist.it, craigslist.co.uk, craigslist.org or even craigslist.fr?

    You get the picture, it isn't practical to block all of these, and this is why I wanted to use Regular Expressions. The keyword blocking could work, but could also end up blocking legitimate sites which merely reference Craigslist. Note that Craigslist was only used here as an example, there are many other sites which have multiple country-level TLD domains.

    The Craigslist example probably wasn't a very good one. Consider this real-life scenario:

    • I have an iPhone. It's an old 4S running iOS 6.
    • I don't want it to be updated beyond iOS 6.
    • Apple iOS 5 or later has an auto-update agent which cannot be disabled.
    • On Sophos UTM, I can add this expression to a RegEx blacklist: http://appldnld.apple.com/iOS(7|8|9)
    • This would block requests for new versions of iOS, but NOT the entire domain.

    This is what I'm trying to achieve in Sophos XG.

Children
No Data