Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 7 replies
  • Subscribers 3 subscribers
  • Views 13412 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Block domain exept one URL of the domain

s70

Hello

In our company we want to block example.com. Until now I realized this by blacklisting the domain. Now we need access to one link on the domain “example.com”: “example.com/weneedthislink”.

I tried to implement this with regular expressions: “ example\.com(?!\/weneedthislink)”

But unfortunately Sophos doesn’t seem to know “!”.

What is the recommended way to satisfy the requirement?

Thanks,

Marco



This thread was automatically locked due to age.
Parents
  • 0

    Marco, please insert a picture of the solution that didn't work and show the line from the Web Filtering log where you got the wrong result.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • 0 in reply to BAlfson

    Hello Bob

    We want to block youtube due to low bandwith. But the users should be able to watch just one youtube-movie. The movie used here is just an example.


    The exact Regex i inserted for testing purposes in "block these website" is: ^https?:\/\/([A-Za-z0-9.-]*\.)?youtube\.com(?!\/watch\?v=qmdBfsOkeEI)

    I tested the Regex on different Regex-Testing sites and it looks ok. youtube.com results in a match but https://www.youtube.com/watch?v=qmdBfsOkeEI doesn't match.

    When I call the site www.youtube.com/watch the Sophos Web Proxy shows the following:

    The Sophos log tells the following:

    2016:04:06-16:30:37 xxxx httpproxy[9911]: id="0062" severity="info" sys="SecureWeb" sub="http" name="web request blocked, forbidden url detected" action="block" method="CONNECT" srcip="xxx" dstip="" user="xxxx" ad_domain="xxxx" statuscode="403" cached="0" profile="REF_DefaultHTTPProfile (Default Web Filter Profile)" filteraction="REF_DefaultHTTPCFFAction (Default content filter action)" size="2951" request="0xe020f000" url="https://www.youtube.com/" referer="" error="" authtime="46" dnstime="0" cattime="111" avscantime="0" fullreqtime="208082" device="0" auth="2" ua="Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko" exceptions=""

    Thanks and regards,

    Marco

  • 0 in reply to s70

    You will have to block Youtube on the global level and to create filtering exception like this:

    ^https?://([A-Za-z0-9.-]*\.)?ytimg\.com/
    ^https?://([A-Za-z0-9.-]*\.)?googlevideo\.com/
    ^https?://([A-Za-z0-9.-]*\.)?ggpht\.com/

    And also regex for every single video, like:
    ^https?://([A-Za-z0-9.-]*\.)?www\.youtube\.com/watch\?v=37b4KkJDEDs


    Tested successfully on firmware version 9.313 last summer at a client site while doing PoC (Proof of Concept) demonstration.

  • 0 in reply to vilic

    How to completely block Youtube using tag:

Reply Children
No Data
Unfiltered HTML