Sophos Central: How to exempt a website when it is blocked under specific category

Disclaimer: This information is provided as-is for the benefit of the Community. Please contact Sophos Professional Services if you require assistance with your specific environment.


Hi Community,

In many scenarios, the non-malicious websites are getting blocked under a specific category. You can configure the website categories in Sophos Central listed here and control the internet content that users can access through a web browser.

The easier way to exempt a website is to use tags. For example, if you wanted to allow the site uk.video.search.yahoo.com that was previously blocked, then the steps below should be performed to create the appropriate website tag.  

  1. On Sophos Central Dashboard, Navigate to Global Settings then select Website Management.



  2. Click on the Add tab located on the upper right hand of the screen.
  3. Enter the address: uk.video.search.yahoo.com and select the appropriate category under category override.
  4. Create a new tag called Allow for example under Add tags. You can add the comments for reference.



  5. Click Save.
  6. The Website Management page should reflect the new entry.
  7. In the Web Control policy linked to the users to allow the site, go to Settings, under the section Control sites tagged in Website Management, add and choose the action for the created website tag (i.e Allow/Block/Warn).



  8. After saving the updated policy, usually within 30 seconds or when the machine receives the policy in the next communication cycle, it will be reflected and the user can access the website. 

 

Have an idea or suggestion regarding our Documentation, Knowledgebase, or Videos? Please visit our User Assistance forum on the Community to share your idea!



Updated disclaimer
[edited by: Qoosh at 9:59 PM (GMT -7) on 31 Mar 2023]
Parents Reply Children
  • Hello, 

    Thank you for reaching the community forum.

    Suppose you’re confident that this website is clean. I suggest you submit a website reassessment request through our sample submission portal and specify the category you wish to have for this website. 

    You can submit website reassessment by selecting "Web Address URL" and filling in the details. Once submitted, our labs' team will review the website, and the normal process will take 3-5 working days. 

    Glenn ArchieSeñas (GlennSen)
    Global Community Support Engineer

    The New Home of Sophos Support Videos!  Visit Sophos Techvids
  • I suggest checking the "Policy" section of the Sophos Endpoint Self Help tool. The timestamp shown next to "Sophos Web Control" should be updated once the policy changes have been received on the endpoint. 

    If the timestamp looks okay, I suggest trying to navigate to the website using an incognito or in-private-browsing window to ensure that no cached information from the browser is causing issues.

    If you wish for the website category to be changed on our end, you can proceed with the steps Glenn has suggested above. 

    Kushal Lakhan
    Team Lead, Global Community Support
    Connect with Sophos Support, get alerted, and be informed.
    If a post solves your question, please use the "Verify Answer" button.
    The New Home of Sophos Support Videos!  Visit Sophos Techvids
  • I've test what you suggest and the site is still blocked. We have the domain blocked in the list and are adding a more specific URL  to allow in the list is this not supported by the filter? 

  • May I ask if the website/subdomain looks like the following? 
    - site.com
    - web.site.com

    Blocking site.com but allowing web.site.com will work.

    If the subdomain you're trying to exclude is "site.com/example" this will not work.

    Kushal Lakhan
    Team Lead, Global Community Support
    Connect with Sophos Support, get alerted, and be informed.
    If a post solves your question, please use the "Verify Answer" button.
    The New Home of Sophos Support Videos!  Visit Sophos Techvids
  • That is precisely what is required. Consider a lot of sites are consolidating onto Amazon or Google Infrastructure - the same infrastructure is used by the distributors of malware and phishing attacks to host their sites. So to protect the Org I need to be able to block the entire subdomain and then only allow particular elements of the site.   For example firebasestorage.googleapis.com is used for malicious purposes as it is for legitimate sites. Google uses the subdirectory portion for routing to the appropriate customer. They use the same thing across a number of services like Forms, docs etc. The same happens with Amazon URLs. So as a customer this is a "nice to have" its a necessary element.