Guest User!

You are not Sophos Staff.

Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 25 replies
  • Subscribers 1 subscriber
  • Views 42603 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Web Filtering Policy - Blocked content exceptions?

GZgidnick
Hopefully easy one. 
Web Filtering is on with a custom policy for Internal network.
The Filter Action applied is: ALLOW with a single blocked Category = Nudity.
There is one particular site that I need to allow as exception through the policy as it is not properly identified.

1. Added the site to the Web Filter Profiles > Given Action Filer > Websites > Allow this websites 
The site continues to be blocked.

2. Added the site to Web Filtering Options > Websites > Add Site > Category: Nudity > Reputation: Trusted
The site continues to be blocked

Test results:
Request URL: http://...........com/
Request Time: 15 Aug, 23:07 (EST)
Result: Blocked
Reason: Forbidden category detected
URL Category: Nudity 
Category overridden by websites list
URL Reputation: Trusted 
Reputation overridden by websites list
Filter Profile: Internal Network Web Control
Policy name: internal
Exceptions: AFC transparent skip, Advanced Threat Protection

What am I missing?

EDIT:
The only thing I found to be working as of this moment is:
Web Protection > Filtering Options > Bypass Users > Add user to the box
The listed user credentials can be used to unblock the website. 
Not very transparent solution


This thread was automatically locked due to age.
Parents
  • 0
    The browser "strips" the www because the server at www.kickass.to tells it to do so with an http status code "301 Moved Permanently" to kickass.to.  If the client cannot access www.kickass.to it can't get that directive from the server. 

    $ curl -i http://www.kickass.to/

    HTTP/1.1 301 Moved Permanently

    Server: nginx/1.7.4

    Date: Wed, 03 Sep 2014 03:55:03 GMT

    Content-Type: text/html

    Location: http://kickass.to/

    Content-Length: 184

    Accept-Ranges: none

    Connection: Keep-Alive

    

    

    301 Moved Permanently

    

    301 Moved Permanently
    

    nginx/1.7.4
Reply
  • 0
    The browser "strips" the www because the server at www.kickass.to tells it to do so with an http status code "301 Moved Permanently" to kickass.to.  If the client cannot access www.kickass.to it can't get that directive from the server. 

    $ curl -i http://www.kickass.to/

    HTTP/1.1 301 Moved Permanently

    Server: nginx/1.7.4

    Date: Wed, 03 Sep 2014 03:55:03 GMT

    Content-Type: text/html

    Location: http://kickass.to/

    Content-Length: 184

    Accept-Ranges: none

    Connection: Keep-Alive

    

    

    301 Moved Permanently

    

    301 Moved Permanently
    

    nginx/1.7.4
Children
No Data