Sophos Central: How to exempt a website when it is blocked under specific category

Disclaimer: This information is posted as-is and the content should be referenced at your own risk

Hi Community,

In many scenarios, the non-malicious websites are getting blocked under a specific category. You can configure the website categories in Sophos Central listed here and control the internet content that users can access through a web browser.

The easier way to exempt a website is to use tags. For example, if you wanted to allow the site uk.video.search.yahoo.com that was previously blocked, then the steps below should be performed to create the appropriate website tag.  

  1. On Sophos Central Dashboard, Navigate to Global Settings then select Website Management.



  2. Click on the Add tab located on the upper right hand of the screen.
  3. Enter the address: uk.video.search.yahoo.com and select the appropriate category under category override.
  4. Create a new tag called Allow for example under Add tags. You can add the comments for reference.



  5. Click Save.
  6. The Website Management page should reflect the new entry.
  7. In the Web Control policy linked to the users to allow the site, go to Settings, under the section Control sites tagged in Website Management, add and choose the action for the created website tag (i.e Allow/Block/Warn).



  8. After saving the updated policy, usually within 30 seconds or when the machine receives the policy in the next communication cycle, it will be reflected and the user can access the website. 

 

Have an idea or suggestion regarding our Documentation, Knowledgebase, or Videos? Please visit our User Assistance forum on the Community to share your idea!

Parents Reply Children
  • Thanks for your reply, one more question, when blocking websites in the Website Management, do you have to put in all variations of the web addresses, or is there a wild card, e.g. gmai.com & mail.gmail.com?

  • Hello Dan,

    In this situation, I recommend creating an entry for each of the base domains that will be accessed when your end-users try to reach Gmail. I suspect if you were to block "mail.google.com" but not "gmail.com" the end-users would see a web-page redirect occurring followed by nothing loading after the redirect. 

    If both URLs are blocked then both will return the same behavior in strictly blocking the page when accessed, which would be a bit more suitable for your use case. 

    Kushal Lakhan
    Global Community Support Engineer
    Are you a Sophos Partner? | Product Documentation | @SophosSupport | Sign up for SMS Alerts
    If a post solves your question, please use the "Verify Answer" button.
    The New Home of Sophos Support Videos!  Visit Sophos Techvids