Guest User!

You are not Sophos Staff.

Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 6 replies
  • Subscribers 28 subscribers
  • Views 15883 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Web Exemption

yardiman

I am having an issue accessing a particular web page my.joistapp.com, while the page is being displayed correctly i'm unable to enter data in it, however if i by pass the firewall i'm able to enter data on the Website..

Url pattern matches

my.joistapp.com

^([A-Za-z0-9.-]*\.)?my.joistapp\.com\.?/

skip the following:-

Https decryption

malware scanning

policy check

Any light on what i'm missing?



This thread was automatically locked due to age.
Parents
  • 0

    Hi yardiman, 

    Could you let us know if the Webhost is in your Network or in the remote network from your location ? You may need to provide the Rule and Policies applied and check the logs in Log Viewer.

    There must be a URL which is not of that domain, so you may conduct on your test machine and allow all policy applied with no Scanning applied. This should display the URL used to display the page or simply use a Browser Diagnostic to check which URL is not loaded.

    Also add the exception as ^([A-Za-z0-9.-]*\.)?joistapp\.com\.?/

  • 0 in reply to Aditya Patel

    The Web Host is in the cloud, Its a Web Page that allows us to create estimates...( https://my.joistapp.com)...there are no rules per say ..the page is being displayed correctly however it does not allow the input of data.. so i placed it in the web exempt list.

    I also placed the exception you provided...still no Joy..

    Is there a rule that i can create that will allow a PC on the network to bypass the firewall rules?

    Thanks.

  • 0 in reply to yardiman

    Note that you generally cannot exempt a path within a site from HTTPS filtering, you can only exempt a whole site. This is because the firewall cannot see the path that is being requested until after the traffic has already been decrypted. By the time we can see the path, it's too late to skip decryption!

    I tried using the site with HTTPS decryption enabled and it worked fine for me, but it may be that there are other settings causing issues once the HTTPS decryption starts. I did notice that the site also accesses URLs at the following hosts:

    https://us20.zopim.com

    https://api.joistapp.com

    https://api.mixpanel.com

    https://bam.nr-data.net

    So it might be worth trying the following exclusions as well:

    ^us20\.zopim\.com\.?/

    ^api\.mixpanel\.com\.?/

    ^bam\.nr-data\.net\.?/

     

     

  • 0 in reply to RichBaldry

    Were you able to input data?

  • +1 in reply to yardiman

    I was. As I said, I was not able to reproduce the issue you described.

    However, I have just tried again with a different XG firewall and I did see a problem - for example, clicking 'Add Client' on an estimate wouldn't work.

    I tracked the problem down to another site that joistapp.com relies on - transloadit.com

    It happened that on the second I had a web policy that was blocking the category 'Download Freeware & Shareware'. transloadit.com is in this category.

    When I created an exception for transloadit.com, similar to the others, I was once again able to add information to the estimate.

    Does your web policy block this category? 

     

  • 0 in reply to RichBaldry

    Thanks for all your help, it worked like a charm[Y]

Reply Children
No Data