In order to improve security and reduce the potential for cross-site scripting (XSS) exploits, Sophos retired the HTTP/S bookmarks feature for clientless access on the Cyberoam Firewall.
HTTP/S bookmarks are not supported by most database-driven websites that use dynamic URLs. Read more in Cyberoam Firewall: Bookmarks with dynamic URLs.
All other bookmark types such as RDP, TELNET, SSH, FTP, FTPS, SFTP, SMB and VNC are still supported. For Cyberoam Firewall v10.6.6.x, the HTTP/S bookmark types will still be visible in the user interface but will not be active. These user interface options will be removed from the drop-down list in an upcoming maintenance release.
On Cyberoam Firewall v10.6.6.x, after hotfix HF070220.1 is applied, a message will be presented in the Cyberoam Firewall Dashboard. This indicates that the feature has been retired.
End users that are trying to access previously configured HTTP/S bookmarks through the User Portal will be presented with the error below.
The following sections are covered:
Applies to the following Sophos products and versions Cyberoam UTM with Cyberoam Firmware version 10.6.6
For more information on configuring remote access, visit Configure SSL VPN in Cyberoam
If Web server protection is subscribed:
Use the Web Server Protection (WAF) feature to enable secure external connections to the web servers that were previously published previously via bookmarks.
Read more in Cyberoam Firewall: WAF configuration guide
Sign up to the Sophos Support SMS Notification Service to get the latest product release information and critical issues.
Every comment submitted here is read (by a human) but we do not reply to specific technical questions. For technical support post a question to the community. Or click here for new feature/product improvements. Alternatively for paid/licensed products open a support ticket.