cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Block "m.facebook.com" my MWG

Jump to solution

Hi,

I am using McAfee WebGateway, Version 9.2.7.

I am so surprised that I cannot block "m.facebook.com".

I can block "facebook.com"  easily by blocking Category "social network", but it does not work for "m.facebook.com".

I already tried URL Wildcard "m.facebook.com" and Application control, it did not work.

By using rule tracing tool, even I did not see "m.facebook.com" appear when clients access.

Someone please help to deal with this

Thanks

2 Solutions

Accepted Solutions

Re: Block "m.facebook.com" my MWG

Jump to solution

Hi Marcel Kutrieba,

I found the problem.

I did it correctly.

But m.facebook.com is allowed because of Policy for office 365 rules.

I had top policy that allow O365 that include "Office Mobile URLs - Third Party Services", "m.facebook.com" is matched in this list.

Due to cache so when I trace I did not see m.facebook.com.

I saw it in trace tool after clearing cache.

Thank you

 

View solution in original post

mkutrieba
McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 6 of 6

Re: Block "m.facebook.com" my MWG

Jump to solution

Ah yes, might be possible. I did not have this O365 Bypass rule set enabled. So did not notice this bypass.

So happy that it was clarified now 🙂 Based on this you can modify the bypass rule set to ignore m.facebook.com or disable this rule and then maintain its access based on application name etc. as you wanted further below in policy.

Please mark this post as resolved with your comment for documentation.

Regards,
Marcel Kutrieba
Technical Support Engineer

If you find this post useful, Please give it a Kudos! Also, Please don't forget to select "Accept as a solution" if this reply resolves your query!

View solution in original post

5 Replies
mkutrieba
McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 2 of 6

Re: Block "m.facebook.com" my MWG

Jump to solution

Hello @User38132267,

first of all, if you do not see a request in rule trace, it probably did not hit the proxy. All connections that hit the MWG and were running through policy and finished/closed are shown in rule trace.

Further, I did a quick test and when I open m.facebook.com, I land on a login page where I still get "Facebook" as application name and "Social Networking" as category as shown in screenshots below.

I would suggest to reproduce the issue and collect rule trace as well as feedback file and then open support case as this information is to sensitive for community.

m.facebook application name.PNGm.facebook category.PNG

Regards,
Marcel Kutrieba
Technical Support Engineer

If you find this post useful, Please give it a Kudos! Also, Please don't forget to select "Accept as a solution" if this reply resolves your query!

Re: Block "m.facebook.com" my MWG

Jump to solution

Dear Marcel Kutrieba,

I am sorry for misunderstanding, it hits to the MWG.

When I access m.facebook.com, in rule tracing tool I only saw "facebook.com" (I dont find m.facebook.com there) then it is blocked, but the PC still can load the page m.facebook.com.

PLease check as below:

1- When I access m.facebook.com

Block action mFB.JPGAccess mFB OK.JPG

2. When I access facebook.comBlock action FB.JPGBlock FB OK.JPG

mkutrieba
McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 4 of 6

Re: Block "m.facebook.com" my MWG

Jump to solution

So m.facebook.com is a complete own URL host. The request to it should be shown in rule trace as in my screenshots. If you do not see it, it might be possible that this particular request did not hit the MWG or the site is cached in browser.

Please check:
1) delete cache or refresh website with STRG + F5 as this should refresh without cache. Alternatively open F12 developer tools > network > check box "Disable Cache" and then refresh website and check request + response within in this network window. If you see the request there to m.facebook.com, you can select the request and then check the header. Response header should normally show the VIA header including MWG IP. Then you know it definitively comes from MWG back.

2) check if any exceptions are configured in browser or proxy.pac depending on what you use.

Regards,
Marcel Kutrieba
Technical Support Engineer

If you find this post useful, Please give it a Kudos! Also, Please don't forget to select "Accept as a solution" if this reply resolves your query!

Re: Block "m.facebook.com" my MWG

Jump to solution

Hi Marcel Kutrieba,

I found the problem.

I did it correctly.

But m.facebook.com is allowed because of Policy for office 365 rules.

I had top policy that allow O365 that include "Office Mobile URLs - Third Party Services", "m.facebook.com" is matched in this list.

Due to cache so when I trace I did not see m.facebook.com.

I saw it in trace tool after clearing cache.

Thank you

 

View solution in original post

mkutrieba
McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 6 of 6

Re: Block "m.facebook.com" my MWG

Jump to solution

Ah yes, might be possible. I did not have this O365 Bypass rule set enabled. So did not notice this bypass.

So happy that it was clarified now 🙂 Based on this you can modify the bypass rule set to ignore m.facebook.com or disable this rule and then maintain its access based on application name etc. as you wanted further below in policy.

Please mark this post as resolved with your comment for documentation.

Regards,
Marcel Kutrieba
Technical Support Engineer

If you find this post useful, Please give it a Kudos! Also, Please don't forget to select "Accept as a solution" if this reply resolves your query!

View solution in original post

You Deserve an Award
Don't forget, when your helpful posts earn a kudos or get accepted as a solution you can unlock perks and badges. Those aren't the only badges, either. How many can you collect? Click here to learn more.

Community Help Hub

    New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

  • Find Forum FAQs
  • Learn How to Earn Badges
  • Ask for Help
Go to Community Help

Join the Community

    Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

  • Get helpful solutions from McAfee experts.
  • Stay connected to product conversations that matter to you.
  • Participate in product groups led by McAfee employees.
Join the Community
Join the Community