The Sophos Community will be offline for scheduled maintenance this Saturday, May 27th, at 13:00 UTC for approximately 1 hour. Apologies for any inconvenience caused.
"Wanna" ransomware outbreak. Please see this Sophos article sophos.com/kb/126733 for advice on how to protect your organization. Immediate action recommended.
Pages are not blocked as expected when using the 'Endpoint Full Web Control' feature of Sophos Anti-Virus. This issue only occurs when using a Sophos Web Appliance as proxy server.
First seen in Sophos Web ApplianceSophos Anti-Virus for Windows 2000+ 10.0
The IP address of the Web Appliance has been explicitly allowed in the Web Appliance policy. When used as a proxy the IP address of the Web Appliance will be the destination address for every HTTP request, therefore this should not be explicitly allowed.
Login to the Sophos Web Appliance. Remove the web appliance IP address from: Configuration | Group Policy | Local site list
Configuration | Group Policy | Local site list
This IP address should not be allowed by tag or have it's default risk-class/category changed.
Every comment submitted here is read (by a human) but we do not reply to specific technical questions. If you need technical support please post a question to our community. Alternatively for licensed products open a support ticket.