Hot!Pornhub listed as Pornography But Accessible

Author
theArties
New Member
  • Total Posts : 2
  • Scores: 0
  • Reward points: 0
  • Joined: 2017/04/04 00:04:32
  • Status: offline
2017/04/04 01:53:45 (permalink)
0

Pornhub listed as Pornography But Accessible

Hi All, 
 
I'm trying to make sense of this 200D unit whereby the fortigate categories were used to blocked all pornography. 
However when it was tested, www.pornhub.com is accessible. For comparison sake, www.playboy.com is blocked. 
 
I'm open to correction here, but by design the unit will contact the fortiguard services before it allows the access right? if so, it should be getting the updated ratings right? Is there a way to refresh the ratings if it's cached locally.
 
 
#1

6 Replies Related Threads

    ede_pfau
    Expert Member
    • Total Posts : 5220
    • Scores: 326
    • Reward points: 0
    • Joined: 2004/03/09 01:20:18
    • Location: Heidelberg, Germany
    • Status: offline
    Re: Pornhub listed as Pornography But Accessible 2017/04/04 04:03:40 (permalink)
    0
    I think the problem is not directly related to rating.
    Pornhub and youporn.com have recently switched to HTTPS, the latter today. That may be the reason why the URL on the blacklist doesn't trigger. I don't think you would need Deep Inspection, though - if anyone could comment on this I'd be glad: if WF working regardless of the protocol, judging just by the URL?

    Ede

    " Kernel panic: Aiee, killing interrupt handler!"
    #2
    mike_dp
    New Member
    • Total Posts : 20
    • Scores: 0
    • Reward points: 0
    • Joined: 2016/02/22 12:26:22
    • Status: offline
    Re: Pornhub listed as Pornography But Accessible 2017/04/04 07:01:34 (permalink)
    0
    Pornhub now uses https. Maybe you don't have SSL inspection activated ?
    #3
    hmtay_FTNT
    Gold Member
    • Total Posts : 183
    • Scores: 24
    • Reward points: 0
    • Joined: 2017/02/22 11:02:10
    • Status: offline
    Re: Pornhub listed as Pornography But Accessible 2017/04/04 07:15:22 (permalink)
    0
    Hello,
     
    Did you enable certificate-inspection under "SSL Inspection" or "set ssl-ssh-profile <>"? ede_pfau and mike_dp are right, if a site uses HTTPS, you have to use at least the default "certificate-inspection" profile to make the FortiGate scan the HTTPS SNI - the Client Hello hostname or the SSL Certificate common name.
     
    HoMing
    #4
    theArties
    New Member
    • Total Posts : 2
    • Scores: 0
    • Reward points: 0
    • Joined: 2017/04/04 00:04:32
    • Status: offline
    Re: Pornhub listed as Pornography But Accessible 2017/04/04 18:18:52 (permalink)
    0
    Dear All, 
     
    thanks for your time in replying. 
     
    The URL assessible is http://www.pornhub.com. Not HTTPS. 
    And SSL Inspection has been turned on too. 
    Hence could not make sense why it does not work. 
    #5
    Fullmoon
    Platinum Member
    • Total Posts : 711
    • Scores: 2
    • Reward points: 0
    • Joined: 2010/08/02 18:02:10
    • Status: offline
    Re: Pornhub listed as Pornography But Accessible 2017/04/05 00:45:06 (permalink)
    0
    upon checking accessing http://www.pornhub.com redirected to HTTPS.

    Fortigate Newbie
    #6
    jim3cantos
    New Member
    • Total Posts : 3
    • Scores: 0
    • Reward points: 0
    • Joined: 2016/12/07 02:09:44
    • Location: Madrid. Spain
    • Status: offline
    Re: Pornhub listed as Pornography But Accessible 2017/08/23 05:14:46 (permalink)
    0
    I had the same problem as @theArties until I changed back the inspection mode in the web filter profile to Proxy (tried flow mode before because fortiguard categories didn't seem to work at all). After the change "adult" pages with https protocol are been blocked correctly (provided that "certificate-inspection" is activated in the policy).
    #7
    Jump to:
    © 2017 APG vNext Commercial Version 5.5