Blocking fake-HTTP(S) traffic with Web-Filter
We protect a group of servers with a Fortigate 500D (running OS 5.6).
What I am trying is block all outbound traffic with only a few exceptions, such as Windows Update.
Since they are servers, they do not need access to most of the websites out there.
So I white-list those exceptions with url-filters (due to the lack of license).
The problem is, while my Fortigate makes it to block outbound web requests to those not white-listed,
it forwards "fake" HTTP traffic, that is, non-HTTP(s) traffic from 80/443 ports.
I've tried "Block invalid URLs", with no luck.
I prefer web-filter to FQDN addresses, because I need partial hostnames and wildcards.
Besides, FQDN for IPv6 is not available in my version of OS.
Is it possible to have web-filter block non-HTTP traffic?