How to block Amazon Prime Video

Do you know what format the Amazon prime URL's are in ? (be interested to know myself)  Not sure on that one myself, i would be tempted to play a video and look in the logs, or look at a historic log if its not something you can do yourself. And then block the videos by URL or URL matching.

When you go on the main page for Amazon video the URL is;

https://www.amazon.co.uk/Prime-Video/b/ref=nav_shopall_aiv_piv?ie=UTF8&node=3280626031

"prime-video" changes according to what you selected so it can also be "amazon-video"

However any video that you play the URL changes to;

www.amazon.co.uk/dp/.........

Here is the grand tour URL:

https://www.amazon.co.uk/dp/B01J93ZB6Q/ref=atv_hm_hom_1_c_pbwan_2_1?_encoding=UTF8&pf_rd_i=home&pf_rd_m=A3P5ROKL5A1OLE&pf_rd_p=869993807&pf_rd_r=0D2NDX4B7KKVW3GZN3XT&pf_rd_s=center-3&pf_rd_t=12401

I think it may have to be blocked by URL but when I spoke to a sophos technical support rep he suggested that amazon.co.uk maybe a subdomain to amazon.com and if the parent domain isn't blocked then it maybe impossible to do.

Somehow, the REGEX I supplied above was not what I'd pasted in in the first place, so I've corrected that.

Why would you need to explicitly allow the domain in the first place?

Cheers - Bob

Thanks bud, i'll give it a go.

Our finance department need access for purchase's.

We just need a quick fix for now until we implement firewall rules via groups/devices as currently within this particular site the firewall rules applies to everyone.

I gave it a go, still didn't work.

To access the amazon video section your have two URL to one landing page:

https://www.amazon.co.uk/Amazon-Video/b/ref=sd_allcat_aiv?ie=UTF8&node=3010085031 - if you select Amazon Video

https://www.amazon.co.uk/Prime-Video/b/ref=sd_allcat_aiv_piv?ie=UTF8&node=3280626031 - If you select Amazon Prime

Taking the regex you made i added

^https?://www\.amazon\.co\.uk/Amazon\-Video

But that too didn't work

And then added

^https?://www\.amazon\.co\.uk/dp

it froze the video I thought it was a one off so i removed it & added it back on to test & it didn't work this time. So it could have been something else.

Let's start at the beginning.  I don't think you need to have something that allows amazon.com.  You should only need to block what you don't want to allow.

If you don't have access to someone with experience configuring Web Protection, you might want to get management's buy-in to get help with your initial configuration.  More than once, I've gone behind a talented CCIE that made a situation that I billed twice as much to fix than if I'd designed and setup the UTM initially.  I hope you can get some help sooner rather than later.  Once it's set up correctly, requests like the one you've responded to here will be easy to realize.

If your reseller doesn't have that level of experience, ask Sophos Sales to suggest someone.

Cheers - Bob

Absolutely you are right, we only block site's that needs blocking as suppose to the other way round.

We do have a external department who builds our UTM and am sure they would be able to implement the REGEX. However due to their busy schedule no one is able to look into this site anytime soon.

Just to clear things up - we want amazon to be open "allow" and we just want to block amazon prime video so anyone can access amazon but the moment they want to play a video on the site then they are blocked right away.

It could just be possibly that i'm doing it wrong - but the way I inputted the regex was to go to;

Web protection > Web filtering > Polices > Default content filter block action > Websites

I spoke to Sophos extensively and they just kept refusing to the entertain the idea that it is possible.

Thank you Bob, as it's only been you that has offered suggestions/solution to which am grateful.

Good morning UK, I thought this sounded similar to an issue I ran into trying to block Facebook live video (underlying applications) yet allowing Facebook. The case was open with Sophos support and then escalated to the development team. It should be noted I have SG330 hardware appliances running the latest version OS. At the time it was 9.3x, I pasted the reply from support here. It's not apples-to-apples with your situation, however it may be similar enough to supply some comfort, or discomfort depending...

Sorry for the inconvenience.

We had a meeting with our developers and according to them  in our detection we don't detect the sub application.

So to make that happen, there needs to be a major change in the architecture itself.

Most probably that will happen with version 9.5.

We are still coordinating with our developers regarding this and shall keep you posted.

I thank you for your cooperation.

cooper

Thank you Cooper.

The response i received from Sophos was;

"This mail is regarding XXXXX where Amazon Instant Video does not get blocked .

We cannot block the subdomain while allowing the main domain. Hence, to block amazon instant video, you need to block amazon altogether.
Please contact us for any further assistance."



 

Yep I read that, hopefully we'll both get some satisfaction with 9.5something.

Yes, I hope so too.

Guys, I don't get it.  You're not trying to block a sub-domain, you're trying to block a family of URLs.  When you tried the REGEX I suggested, you just said it didn't work, but you didn't show us the line in the Web Filtering log where it was allowed to pass.  Can we see that line from the 8th?

Cheers - Bob

Guys, I don't get it.  You're not trying to block a sub-domain, you're trying to block a family of URLs.  When you tried the REGEX I suggested, you just said it didn't work, but you didn't show us the line in the Web Filtering log where it was allowed to pass.  Can we see that line from the 8th?

Cheers - Bob