This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Web Protection blocking websites categorized as Spyware.

I'm trying to reach a legit website but Sophos Web Protection is stating:

  • Your organization's policy prohibits access to websites categorized as Spyware.

I've added the site to the "web control customizations" and tagged it as "Allowed Websites" which have the action of "allow" in the base policy.

I've updated the client and waited 24 hours and I can still not access the site.

I've submitted the requets for reclassification to Sophos, but that states up to 5 days.

Am I missing something? Surely there should be a way to override the classifications, I thought adding the exception would work - am I doing something wrong?



This thread was automatically locked due to age.
  • The spyware cat isn't web control it's web protection.

    Have you tried adding a website exclusion under either the base policy explicitly or globally under: cloud.sophos.com/.../global-exclusions.

    Policy changes should only take around 20 seconds to reach the endpoint.  For web control you can check under the following location for the policy fragments:
    \program data\sophos\web control\policies\ for Windows. The other exclusions will end up creating entries in machine.xml under: \programdata\sophos\sophos anti-virus\config\

  • Thanks for clarifying the web control/protection difference. I didn't realise you could add websites to the "scanning exclusions".
    However even after adding the domain to this list, I still cannot access the site - the same message appears. I've checked the machine.xml file as you mentioned and it does contain a line with the the domain exclusion, so the policy does seem to be coming down to the clients ok.

    Any other suggestions? In the meantime I've opened up a case with support.
  • You have to have the website recategorized. We had the same thing happen with one of our business sites. Here is a link to the request form:
    secure2.sophos.com/.../reassessment-request.aspx

    They usually get it fixed within 48 hours they said. I submitted a feature request to allow white-listing of these types of pages, but never got a response.
  • Thanks all, SophosLabs eventually performed the reclassification and we can now view the site. It'd be nice if we (as the administrators) had more control over this as we were not able to access the site for at least 5 days.
  • The exclusion should work. As a test, if I visit:
    www.sophostest.com/.../
    it gets blocked as expected. If I make an exclusion for sophostest.com it is allowed.

    Regards,
    Jak