Kerio Tech Firewall6 User Manual

Page 160

Advertising
background image

Chapter 12

HTTP and FTP filtering

160

Denial options

Advanced options for denied pages. Whenever a user attempts to open a page that is

denied by the rule, WinRoute will display:

A page informing the user that access to the required page is denied as it is

blocked by the firewall. This page can also include an explanation of the denial

(the Denial text item).

The Unlock button will be displayed in the page informing about the denial if the

Users can Unlock this rule is enabled. Using this button users can force WinRoute

to open the required page even though this site is denied by a URL rule. The rule

will be opened for certain time (10 minutes by default). Each user can unlock

a limited number of denied pages (up to 10 pages at once). All unlocked pages

are logged in the Security log (see chapter

22.11

).

Rules can be unlocked only by users with corresponding rights (see chapter

15.1

).

This implies that unauthenticated (anonymous) users can never unlock rules.

Note:

1.

If any modifications are done within URL rules, all unlock rules are removed

immediately.

2.

For security reasons, no HTML tags are allowed in the restriction text. If the

plaintext format is not sufficient, it is recommended to use redirection to

another page (see below).

A blank page — user will not be informed why access to the required page was

denied.

Another page — user’s browser will be redirected to the specified URL. This op-

tion can be helpful for example to define a custom page with a warning that

access to the particular page is denied.

Open the Content Rules tab (in the HTTP Rules section) to specify details for content filter

rules. Parameters on this tab can be modified only for rules where the Allow access to the Web

site option is enabled.

WWW content scanning options

In this section you can define advanced parameters for filtering of objects contained in

Web pages which meet the particular rule (for details refer to chapter

12.3

). Specific URL

settings have higher priority than user settings (see chapter

15.1

) and global rules for

unauthorized users (refer to chapter

12.3

).

One of the following alternatives can be set for each object type:

Allow — these objects will be displayed.

Deny — these objects will be filtered out of the page

Default — global rules or custom rules of a particular user will be applied to such

objects (this implies that this rule will not affect filtering of such objects)

Advertising
Popular Brands
Popular manuals