Hot!Web filtering fails for IP of website but DNS is blocked

Author
Randomnamegoeshere
New Member
  • Total Posts : 2
  • Scores: 0
  • Reward points: 0
  • Joined: 2019/06/16 22:52:32
  • Status: offline
2019/06/16 22:55:59 (permalink)
0

Web filtering fails for IP of website but DNS is blocked

Have a Fortigate setup with Deep SSL inspection with web filtering, the web filtering works if i go to https://websitegoes here.
However, if i type in the IP of that site it goes straight through, is that to be expected? how can i change this?
#1

4 Replies Related Threads

    hubertzw
    Gold Member
    • Total Posts : 192
    • Scores: 5
    • Reward points: 0
    • Joined: 2018/04/16 13:29:04
    • Status: offline
    Re: Web filtering fails for IP of website but DNS is blocked 2019/06/17 00:01:11 (permalink)
    0
    I'm not sure how effective it will be in your case but you can try: 'Rate URLs by domain and IP Address'. You can find it in the 'Web Filter' security profile, in the 'Rating Options' section.
    #2
    Dave Hall
    Expert Member
    • Total Posts : 1477
    • Scores: 163
    • Reward points: 0
    • Joined: 2012/05/11 07:55:58
    • Location: Canada
    • Status: offline
    Re: Web filtering fails for IP of website but DNS is blocked 2019/06/17 08:41:16 (permalink)
    0
    Keep in mind when rating URLs by IP address is some site may be hosted on "cloud" servers and/or may be classified as such or pulls page elements (e.g. images) from other domains, so you may run into rating issues. 
     
    Your best bet if you really want to nix users from browsing by IP address is to perhaps craft a URL using perl or regular expression that triggers on a IP-like addresses - I never tried this myself so do not know how effective it would be.

    NSE4/FMG-VM64/FortiAnalyzer-VM/5.4/6.0 (FWF40C/FW92D/FGT200D/FGT101E)/ FAP220B/221C
    #3
    emnoc
    Expert Member
    • Total Posts : 5252
    • Scores: 347
    • Reward points: 0
    • Joined: 2008/03/20 13:30:33
    • Location: AUSTIN TX AREA
    • Status: online
    Re: Web filtering fails for IP of website but DNS is blocked 2019/06/17 08:47:26 (permalink)
    0
    Yes correct, virtual-hosting  could become an issue. You should block by dns or content  in the URL string.
     
    Ken Felix

    PCNSE,  NSE , Forcepoint ,  StrongSwan Specialist
    #4
    Randomnamegoeshere
    New Member
    • Total Posts : 2
    • Scores: 0
    • Reward points: 0
    • Joined: 2019/06/16 22:52:32
    • Status: offline
    Re: Web filtering fails for IP of website but DNS is blocked 2019/06/17 15:26:08 (permalink)
    0
    emnoc
    Yes correct, virtual-hosting  could become an issue. You should block by dns or content  in the URL string.
     
    Ken Felix


    Hi Ken,
     
    DNS blocking works but the ip of the website doesnt, is my only hope to block all ip based requests via regex?
    #5
    Jump to:
    © 2019 APG vNext Commercial Version 5.5