Thread Info
  • State Suggested Answer
  • Locked Locked
  • Replies 17 replies
  • Answers 2 answers
  • Subscribers 8 subscribers
  • Views 124330 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

"Unblocked Games" - How to block "Google sites"

stvkellogg
I've been asked to block games for some student accounts, which I've been able to achieve through the "games" category in Filter Actions and adding a few individual domains.  What I haven't been able to block are some "unblocked games" sites, especially ones that are on "Google sites" web sites.

If someone could tell me how (if it's possible) to block specific "Google sites" web sites I would be grateful.  I prefer to encourage students to use their time wisely of their own accord, but I've been asked to do what I can to make game sites unavailable.

Thanks,

Steve



[locked by: SupportFlo at 3:45 PM (GMT -7) on 11 Sep 2018]
[unlocked by: SupportFlo at 3:51 PM (GMT -7) on 11 Sep 2018]
[locked by: SupportFlo at 3:53 PM (GMT -7) on 11 Sep 2018]
  • 0 in reply to BAlfson

    Bob, I did as you suggested and found that the Web Filtering Live Log seems to "quit" after a short period of time.  Filtering does not work at all for some reason.  I can type the URL into the Filter box, but the log seems to be outputting whatever it likes in there.  Can't see the URL I'm trying to filter in the log's output.  Is anyone else having this issue?

  • 0 in reply to VincentVanier

    If you don't see it in the Web Filtering log at all, it's not being handled by Web Protection.  What do you learn from doing #1 in Rulz?

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • 0
    I'm going to assume that you are just having a problem with filering the logs, and that the requests are going through the proxy.
    I'm also going to assume that you have HTTPS scanning turned on.  Without HTTPS Scanning the proxy cannot see or block anything to do with paths in the URL.
    I'm going to assume that, because the policy tester said it was Result Allowed that you problem lies in the policy.

    Option 1:
    Go to the Filter Action Elementary Students and Edit it.
    Go to the Websites tab.  Under block these Websites, add a blacklist object.
    Set to Match URLs based on Domain and put the domain in there.
    sites.google.com/.../ 
     
    Option 2:
    Go to Filtering Options, Websites.
    Click New Site.
    Put in the URL sites.google.com/.../
    Overide the category to Games.
    Assuming your policy already blocks Games, this will be blocked automatically.  It also has the benefit of appearing as a blocked game in reports.
    If you want slightly more control, rather than changing the category you can add a tag.  Then in the Filter Actions you can block that tag.  This would be better if the problem isn't really a miscategorization, but something that you want to block even though it is categorized correctly.

    Option 3:
    If you are sure that the URL is a gaming site and that everyone would think so, tell TrustedSource to update their categorization.
    https://www.trustedsource.org/
    Put in the URL and suggested category.  I think that if you get an account you can actually track status of the recat request.  It can take a few days.
     
     
     
    Option 3 fixes bad categorization it for many customers.  Option 2 fixes bad categorization for yourself.  Option 1 is a force block regardless of category.  I would do them in that preference order.
     
  • 0 in reply to FormerMember
    [deleted]

    iZamir.Com is my dream project to provide valuable information to the reader in Pakistan like our recent guide about Best Solar AC in Pakistan .

  • 0 in reply to James Woakes

    Hi and welcome to the UTM Community!

    If you are using Web Filtering in the Transparent mode, it's possible that Chrome and Android phones are accessing the server using UDP 443 instead of TCP 443.  You could create a firewall rule like 'Any -> {UDP 443} -> Internet : Drop' to force Chrome to use TCP.

    If you are using the Proxy in Standard mode (explicit proxy), you can add UDP 443 to 'Allowed Target Services' on the 'Misc' tab of 'Filtering Options'.

    In either case, you must not select 'Do not proxy HTTPS traffic in transparent mode' on the 'HTTPS' tab of the filtering Profile.

    You should now be able to block that URL effectively.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • FormerMember
    0 FormerMember in reply to James Woakes
    [deleted]
  • 0 in reply to FormerMember

    Please see the three options listed earlier in this thread.

Unfiltered HTML