Url rules, 2 url rules – Kerio Tech KERIO WINROUTE FIREWALL 6 User Manual
Page 148
Chapter 12
HTTP and FTP filtering
148
An appropriate protocol inspector is activated automatically unless its use is denied by
traffic rules. For details, refer to chapter
2.
Connections must not be encrypted. SSL encrypted traffic (HTTPS and FTPS protocols)
cannot be monitored. In this case you can block access to certain servers using traffic
rules (see chapter
).
3.
FTP protocols cannot be filtered if the secured authentication (SASO) is used.
4.
Both HTTP and FTP rules are applied also when the WinRoute’s proxy server is used (then,
condition 1 is irrelevant). However, FTP protocol cannot be filtered if the parent proxy
server is used (for details, see chapter
). In such a case, FTP rules are not applied.
5.
If the proxy server is used (see chapter
), It is also possible to filter HTTPS servers (e.g.
https://secure.kerio.com/
). However, it is not possible to filter individual objects at
these servers.
12.2 URL Rules
These rules allow the administrator to limit access to Web pages with URLs that meet certain
criteria. They include other functions, such as filtering of web pages by occurrence forbidden
words, blocking of specific items (scripts, active objects, etc.) and antivirus switch for certain
pages.
To define URL rules, go to the URL Rules tab in Configuration → Content Filtering → HTTP
Policy.
Figure 12.1
URL Rules
Rules in this section are tested from the top of the list downwards (you can order the list
entries using the arrow buttons at the right side of the dialog window). If a requested URL
passes through all rules without any match, access to the site is allowed. All URLs are allowed
by default (unless denied by a URL rule).
Note: URLs which do not match with any URL rule are available for any authenticated user
(any traffic permitted by default). To allow accessing only a specific web page group and block