Re: Filter blocks only insecured web sites
I recommend you to use a DNS filter if possible as it will block the name resolution itself, and not HTTP or other traffic.
If you want to use a web filter you have to configure ssl inspection (certificate inspection or deep inspection) so the Fortigate can at least check the certificate of the website to check the url, but the browser might present a "certificate warning". This is due to the fact https traffic is encrypted so the Fortigate can't see which site the request is for.
You can also try with a webfilter "*.*:443", but I haven't tried that myself, so I can't promise it'll work.