Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 13 replies
  • Subscribers 1 subscriber
  • Views 5745 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Web Filtering causes distorted, overlapping HTTP elements

JMagruder
ASG220 FW: 8.309
Web Filter Global: Std. Mode, AD SSO, AD Users Allowed
Default URL Filter: Allow, no categories blocked, safe search on.

Though we're not aware of recent rule changes on the ASG220, our client recently noticed that Website Design and Hosting | Domains | Website Builder | NetworkSolutions.com page display is distorted, with many HTTP elements overlapping.

Using the same browser, HTTPS://www.networksolutions.com displays normally.

I added "networksolutions.com" to an existing Exceptions rule that skips Caching/URL Filtering/SSL Scanning.  This immediately blocked ALL HTTP traffic. I removed "networksolutions.com" from the exception list and had to reboot the Astaro, before HTTP traffic was restored.

Any ideas what would suddenly cause the web filtering to distort this one particular URL, and why adding the URL to an existing exclusion rule would block HTTP to all URLs?

Thanks for any assistance

JimM


This thread was automatically locked due to age.
Parents
  • 0
    Hi, Jim, and welcome to the User BB!

    I'm going to guess that a glance in the Web Filtering log file would show lines with statuscode="502" mixed in with "200" lines where some of the page got through.

    Add 'Antivirus' to an Exception for ^https?://[A-Za-z0-9.-]*networksolutions\.com/

    If that didn't resolve your issue, please post several lines from the Web Filtering log file when you get the overlapping phenomenon.

    Cheers - Bob
    PS I'd be tempted to add ^https?://[A-Za-z0-9.-]* to the domain names you're using in Web Protection - also the escape character "\" in front of the dot as I've done - also the trailing "/" as above.  In REGEX, "." means "any alphanumeric character," so ea.com also matches .
  • 0 in reply to BAlfson
    When we investigated this problem locally in February we determined that network solutions is sending broken HTML back through the UTM because the UTM doesn't do "Accept-Encoding:gzip".

    Network Solutions is sending back different content with/without gzip encoding breaking their own CSS. 

    $ diff 
Reply
  • 0 in reply to BAlfson
    When we investigated this problem locally in February we determined that network solutions is sending broken HTML back through the UTM because the UTM doesn't do "Accept-Encoding:gzip".

    Network Solutions is sending back different content with/without gzip encoding breaking their own CSS. 

    $ diff 
Children
No Data