one of our customers wants youtube completely blocked, execpt for some disclamiers.
So what they only want to allow access to the following URLs :
Now when i try to define a "URL and Application Filtering Rule" with Regular Expression and/or GLOB Expressions it never matches that Rule.
When i test the Expression (either regex or glob) against the mentioned URL's they match. So i'm certain it's not a matching isssue.
When i enter the domain (youtube.com) in a String-type List instead of a Wildcard Expression-type List, all of youtube.com is allowed. The webgate still does not respect the URL-Path.
In Troubleshooting => Ruletracing all i can see is the Host-Part of the URL like https://www.youtube.com but never the Path-Part of the URL eg. "/copyright".
So the Question is, how can i allow or deny access to a HTTPS-URL, based on the URL-Path ?
Since we intercept all SSL Traffic, the Webgateway should be able to see the URL path, right ?
Any input is greatly appreciated
There are a couple things to take into account here:
1. Before MWG will know the full URL, it must allow the first connection for the SSL tunnel (CONNECT and CERTVERIFY). All details about this are outlined here:
2. Once you have allowed the SSL tunnel connection, MWG will have the ability to filter the full URL as you want and expect: