Allow Specific URL

nappy · ‎04-12-2013

Hi, I would like to block www.facebook.com, but I would like to only allow access to a specific facebook URL eg www.facebook.com/radiowave So Users should not be able to access facebook but should be able to access the company facebook page. How can I accomplish this? Thanks

Dave_Hall · ‎10-11-2013

Hi Stryker. The web site functionality may depend on other sites/domains. If you have logging enabled you should be able to check the blocked URLs (under the Log and Archive Statistics widget) or the Web Filter log under " Log&Report" . Add any " missed" urls to your URL or Local ratings category. (You may want to play around with " Allow Websites When a Rating Error Occurs" , " Strict Blocking" , or " Block HTTP redirects by Rating" options in your web filter Profile to see if that makes a difference.) The attached screen shot is from 4.0 MR3 patch 14. You did not indicate which firmware your fgt device is running.

NSE4/FMG-VM64/FortiAnalyzer-VM/6.0 (FWF30E/FW92D/FGT200D/FGT101E/FGT81E)/ FAP220B/221C

View solution in original post

Oh_Yaw_Theng · ‎10-31-2013

Hi Faaeq, Can you try to change the action to " Exempt" ? Try again and see whether it works. Thanks.

View solution in original post

Aigarz · ‎06-24-2013

Hello, I will bump this one up with " how to allow specific twitter account" . Company account should be allowed, however the rest of the twitter.com - block To start off, I' m able to get results with almost any other site. www.specificsite.com/foo - exempt or pass www.specificsite.com - block But when it comes to twitter - it doesnt work. Heres is the config and specific user which should be permitted - doesn' t work

 config webfilter urlfilter
     edit 1
         set comment ' ' 
             config entries
                 edit " twitter.com/user1" 
                     set action exempt
                     set exempt av filepattern web-content activex-java-cookie dlp fortiguard range-block all
                     set status enable
                     set type simple
                 next
             
                 edit " twitter.com/user2" 
                   set action allow
                     set status enable
                     set type simple
                 next
                
                 edit " twitter.com" 
                     set action block
                     set status enable
                     set type simple
                 next
           set name " custom-wf" 
         set one-arm-ips-urlfilter disable
     next
 end

system FG300c (HA [A-P]) /w 5.0.2 code

Dipen · ‎06-26-2013

You have to use URL Filters I suggest you use *.facebook.com/* in Wildcard Mode [Not Simple Mode] as block. Then use www.facecook.com/radiowave in Simple Mode as allow. Allow should take precedence over block.

Ahead of the Threat. FCNSA v5 / FCNSP v5

Fortigate 1000C / 1000D / 1500D

Faaeq · ‎07-29-2013

Hello, I have web filtering enabled and it blocks the sites by category fine. but i want to unblocked one of the blocked sites. I have added it to URL Filter to keep it from blocking, but doesnt work.

Dave_Hall · ‎07-30-2013

ORIGINAL: Faaeq I have added it to URL Filter to keep it from blocking, but doesnt work.

Try changing the type to regex and set the URLs (using your example) to " .*\.msn\.com.*" and " .*\.tv\.com.*" (without the quotes). If that does not work, try setting the URL to " msn.com" and " tv.com" (leave the type at reqex). If app control is enabled on the fw policy, you may want to check that app control to see nothing in it is blocking the sites in question. An alternate way to " allow" a website through FortiGuard web filtering is to use the Ratings Override to reclassify the web site (in question) to a category that is already allowed through the firewall.

NSE4/FMG-VM64/FortiAnalyzer-VM/6.0 (FWF30E/FW92D/FGT200D/FGT101E/FGT81E)/ FAP220B/221C

Oh_Yaw_Theng · ‎10-31-2013

Hi Faaeq, Can you try to change the action to " Exempt" ? Try again and see whether it works. Thanks.

kelvinshee · ‎06-16-2016

Hi, is working after exchange to " Exempt " on firmware 5.2.7

but on firmware 5.4.0 is not working!!

Stryker412 · ‎10-11-2013

I have a teacher who needs to get to a specific pinterest website. We already have pinterest.com unblocked. So she can get to the root home page but cannot get to a user' s pinterest page. We have a ratings override category of " allowed sites teachers" which pinterest is in. Not sure why the entire site isn' t whitelisted. Would appreciate any suggestions.

Dave_Hall · ‎10-11-2013

Hi Stryker. The web site functionality may depend on other sites/domains. If you have logging enabled you should be able to check the blocked URLs (under the Log and Archive Statistics widget) or the Web Filter log under " Log&Report" . Add any " missed" urls to your URL or Local ratings category. (You may want to play around with " Allow Websites When a Rating Error Occurs" , " Strict Blocking" , or " Block HTTP redirects by Rating" options in your web filter Profile to see if that makes a difference.) The attached screen shot is from 4.0 MR3 patch 14. You did not indicate which firmware your fgt device is running.

NSE4/FMG-VM64/FortiAnalyzer-VM/6.0 (FWF30E/FW92D/FGT200D/FGT101E/FGT81E)/ FAP220B/221C

mosameer · ‎04-04-2018

this was most helpful hint, I had this problem, and discovered that other dependent URLs are blocked. all was done is to exempt these URLs, and the website is fully operational.