cancel
Showing results for 
Search instead for 
Did you mean: 
luizricardo
Level 9

Block URL Category does not work

Hi

I did a implementation using MWG 7.1.5 and using URL Category Blocklist like the image:

Block Category.jpg

And in the category blocklist I have a lot of category and when I try access a website in these categories I can access without problem, look this log:

[20/Sep/2011:09:26:23 -0300] "luizricardo" 10.61.0.121 200 "GET http://playboy.abril.com.br/wp-content/plugins/clubalfa-landing-pages/assets/images/sprite-bulets.pn... HTTP/1.1" "Malicious Sites, Pornography" "High Risk" "image/png" 319 "" "" "0"

What can I do to trace the police permit this traffic ?

My configuration has 3 TOP RuleSet:

1st: Global Whitelist

2nd: Authentication and Authorize

3rd: Common Rules enabling cache

And the others rules to filter traffic for specific Internet Groups and in all groups have two rule sets: A rule with whitelist for the group, a category blocklist, url blocklist, Risk policy and the other rule set is for MediaType files.

what is wrong ? or what can I do to check this?

Thanks a lot!

Luiz Ricardo

0 Kudos
4 Replies
dstraube
Level 11

Re: Block URL Category does not work

Hello Luiz,

from the screenshot your rules look as if it should work, but there might be a rule that whitelists the request before it comes to the ruleset. You should check if there is any "Stop Cycle" action before this ruleset. You might also want to check the entry criteria for the rule set group to check if the request really entered this rule set.

For debugging your rules:

The "Enable RuleEngineTracing" is a very good idea to check what is actually going wrong, but using it in the rule here will not work. When you can access the site the rule did not trigger, so the event did not trigger either. You should enable RuleEngineTracing before, maybe even at the start to catch the whole execution tree.

Regards,

Dirk

0 Kudos
luizricardo
Level 9

Re: Block URL Category does not work

Hi Dirk!

I found the problem. When I typed the criteria to filter I've used Authentication.UserGroups contains "User Group" but I was typed with two ""User Group"" and after removed this all rules work fine.

Thanks again for the support!

Luiz Ricardo

0 Kudos
adabbas
Level 7

Re: Block URL Category does not work

this is happening with me , in category content filtering, URL BLOCKED section , pornogrpahy has been bloccked but when i sit at my workstation i can easily access porn websites. why is that?

0 Kudos
McAfee Employee

Re: Block URL Category does not work

Not every situation is the same, but I imagine there may be some misconfiguration in your rules to allow it.

I have written an article which describes how to form your policy:

https://community.mcafee.com/docs/DOC-2210

This takes into account situations like what I imagine you are encountering.

~Jon

0 Kudos