Here is the way you can do it :
1) Create a String type Whitelist like this:
2) Create a Wildcard Exp type Whitelist (you can enable/disable any ajax you want, it's up to you):
1) Below is the final rule in a Rule Set named EXAMPLE:
- URL must matche your Wildcard Exp Whitelist (URL WHITELIST EXAMPLE).
- Add a Referer 'OR' condition with this same Wildcard Exp Whitelist.
- Add a URL.Parameters 'OR' condition with the String type Whitelist you created.
- Stop Rule Set or Stop Cycle.
- Block Social Network cat or Block facebook.
Thanks! It works
just one single addition. In the output above you call "Stop Cycle" when you detect a request to Facebook. Probably a "Stop Ruleset" would be better, because "Stop Cycle" will also skip Media Type Fitlering and Anti Malware, which is something you probably want to apply to Facebook requests.
That's why I said in my explanation : make a Stop Rule Set or Stop Cycle (it's up to the customer and the security policies applied in the company).
I have to admit I just looked at the screenshots. Sorry :-)
Thank you for the clarification!
I have one Webgateway version 184.108.40.206 and in my case this rule don´t run.
Or block ou allow all. The Rule was build exactly as discribe before
Somebody have this rule on version 220.127.116.11 working well?
I created rule set as per above mentioned but URL block in second rule is "Facebook".
Also inform you that our web gateway version is 7.5.2.
If you need analyze rule set so I have attached in this post.