I was testing a website exclusion in Intercept-X and had a hard time finally getting it working.
So I wanted to browse to the Sophos Testsite.
As expected, this was blocked, regardless of whether http or https was used.
So I went to Central Global settings and created an exception for that website and selected a manual Category:
But Intercept-X was still blocking access to the page.
Ruling out a specific module, I disabled them one by one.
Obviously it was being blocked by Sophos Network Threat Protection.
The machine has EAP installed and https decryption enabled.
I could immediately browse to that website after disabling Sophos Network Threat Protection.
So I added the second exception for the website in the https decryption section:
Now, if I open that page with https I can only see xml code:
http still shows the block banner.
So I added a third exception in the Threat Policy for the device:
but this did not change anything.
I don't have a clue where else to allow it, other than in the three menus I have already been to.
When accessing the website "https://sophostest.com/hacking/index.html" on a system without Sophos installed, I see that the XML page is also returned. I will inquire internally to see if this is the expected result or if there should be some content displayed on the webpage.
When testing the website management category override, I could go to the website successfully without returning a block message. During testing, I am using incognito windows each time so that the previously cached response from the webpage is not presented.
In some cases, if Sophos Central reports that a website is blocked due to the Hacking category, it will also have a malicious detection when navigating to the site. In these situations, you may also need to create an exclusion in the Threat Protection Policy for the website in question. I don't believe that to be the case with the sophostest hacking site.
Let me know if you're also using incognito windows or are clearing the cache when testing.