Webfilter

From Wiki of WFilter NG Firewall
(Difference between revisions)
Jump to: navigation, search
(Utils)
 
(12 intermediate revisions by one user not shown)
Line 1: Line 1:
==Black&White List==
+
{{DISPLAYTITLE:Web Filter}}
'''White List''': When white list is enabled, only messenger ids in the white list are available.<br>
+
== Web Filter ==
e.g. Block Internet except 'www.imfirewall.com'.<br>
+
The "Web Filter" module has below features:
[[File:Faq_en_webfilter001.jpg]]
+
* Website black & white list
<p>Now Internet is blocked but you can visit www.imfirewall.com or wiki.imfirewall.com.</p>
+
* Website category filtering
'''Black List''': When black list is enabled, all black-listed ids will be blocked.
+
* File type and content type filtering
e.g. Block shopping website list Taobao.
+
* Other features like limiting downloading size, blocking web access via IP...
[[File:Faq_en_webfilter002.jpg]]
+
<p>When you visit www.taobao.com it was blocked.</p>
+
  
==Category==
+
== Website Black & White List ==
'Categorie' allows you to customize which categories of sites will be blocked. Categories that are blocked will display a block page to the user.  You should check 'Apply this rule to https websites' in 'Utils' to apply to https websites.<br>
+
e.g. Block all categories except 'Online Storage'.<br>
+
[[File:Faq_en_webfilter003.jpg]]
+
<p>Now Internet is blocked but you can visit online storage website like 'https://www.dropbox.com/'</p>
+
  
==Files==
+
* Wildcards "*?" are supported.
'Files' allows you to block files by file extension. You can customize file extension in every file type.<br>
+
* By default, black & white list is applied to both http and https websites.
e.g. Edit 'Video' file type:<br>
+
* You may starts a comment with '#'.
[[File:Faq_en_webfilter004.jpg]]
+
* '''Block Listed'''(Black List): When enabled, only domains in the black list will be blocked, all others will be allowed. For example, to block youtube during working hours, you can enable "Block Listed" and add "*.youtube.com" into the list.
<p>e.g. Block 'Video' and 'Audio':</p>
+
* '''Allow Listed Only'''(White List): When enabled, only domains in the white list can be accessed, all others will be blocked. For example, enable "v" and add "*.imfirewall.com" into the list, network users are only allowed to visit pages from imfirewall.com.
[[File:Faq_en_webfilter005.jpg]]
+
<p>Now you download a mp3 or video in web, it was blocked.</p>
+
  
==Exception==
+
[[File:Faq_en_webfilter001.png|800px]]
Domains in exception list aren't block, exception's priority is highest.<br>
+
e.g. Block Yahoo except sport in Yahoo, you can block '*.yahoo.com' in 'Black List' and add 'sports.yahoo.com' in Exception:<br>
+
[[File:Faq_en_webfilter006.jpg]]&nbsp;&nbsp;&nbsp;&nbsp;[[File:Faq_en_webfilter007.jpg]]
+
<p>Now you visit sports.yahoo.com, it's OK; visit www.yahoo.com, it's blocked.</p>
+
  
==Utils==
+
== Category Blocking ==
<p>1. 勾选“'''对https站点也启用黑白名单和网页分类过滤'''”,在黑白名单和网页分类中配置的规则对https网址也生效,默认该项是选中的。<br>
+
When enabled, you may filter domains by 60+ website categories.  
例如:在网站黑名单中配置了“*.baidu.com”,勾选该项。访问http://www.baidu.com和https://www.baidu.com,都被禁止。</p>
+
For example, to save bandwidth, you can set "Streaming Media" to be blocked during working hours. So all video websites will be blocked. "Category Blocking" is applied to both http and https websites by default.
<p>2. 勾选“'''禁止通过IP访问'''”,访问网页时只能通过域名来访问。<br>
+
例如:启用该项后,访问www.baidu.com正常,访问180.97.33.107则无法打开百度首页。</p>
+
<p>3. 勾选“'''禁止Web文件'''”后可以定义web文件下载的大小。'''请注意:该项只能对http网址起作用'''<br>
+
例如:公司禁止下载大小超过2M的Web文件。打开网页下载一首歌曲,无法下载。</p>
+
<p>4. '''被封堵时'''可以选择显示封堵提示页面(页面内容在“系统配置-封堵提示”中配置),也可以重定向到某个网址。<br>
+
例如:当员工访问被禁止的网址时,显示封堵页面,提示员工“不要在上班时间访问不相关网站”。</p>
+
[[File:Faq_webfilter008.jpg]]
+
  
==FAQ==
+
[[File:Faq_en_webfilter003png.png|800px]]
 +
 
 +
To check a domain's category, you can test "URL Access" in "Utils"->"Policy Testing".
 +
 
 +
[[File:Faq_en_webfilter003_2.png|600px]]
 +
 
 +
== File Filtering ==
 +
 
 +
You can block files by file extensions and HTTP content-type(mime type).
 +
For example, to block all online video and video file downloading, you can set "Video" to "Deny".
 +
 
 +
[[File:Faq_en_webfilter005.jpg|600px]]
 +
 
 +
Please notice:
 +
* To customize file types, you may click the "edit" icon besides every file type.
 +
* File filtering is only applied to http websites.
 +
 
 +
[[File:Faq_en_webfilter004.jpg|600px]]
 +
 
 +
== Exception ==
 +
 
 +
Domains in the exception list will not be blocked by other options within this policy. For example, you may block "*.yahoo.com" but add "sports.yahoo.com" to the exception list. In result of allowing access to "sports.yahoo.com", while all other domains from yahoo.com will be blocked.
 +
 
 +
[[File:Faq_en_webfilter007.jpg|600px]]
 +
 
 +
== Utils ==
 +
 
 +
[[File:Faq_en_webfilter008.png|800px]]
 +
 
 +
* '''Apply this rule to https websites''': apply the "white & black list" and "category blocking" to https sites, enabled by default.
 +
* '''Block file uploading via webpages''': when enabled, clients won't be able to upload attachments in webpages(multipart/form-data). This option applies to http websites only.
 +
* '''Block web surfing via IP''': when enabled, websites can only be visited via domains.
 +
* '''Block web downloading when file exceeds xx(MB)''': this option is valid to http sites only.
 +
* '''Allow referred resources of allowed web pages''': When enabled, external resources(images, css, videos and outbound links) of an allowed webpage will not be blocked even the external sites are disallowed.
 +
* '''Blocking Behavior''', when a http webpage is blocked, you may choose to display a blocking page(defined in "System"->"Denial Page"), or redirect to another URL.
 +
* Please Note: http only options can also work on https sites when "[[SSLInspect|SSL Inspector]]" is enabled.
 +
 
 +
= External Links =
 +
* [http://blog.wfilterngf.com/?p=636 How to whitelist websites in WFilter?]

Latest revision as of 15:46, 13 March 2020

Contents

[edit] 1 Web Filter

The "Web Filter" module has below features:

  • Website black & white list
  • Website category filtering
  • File type and content type filtering
  • Other features like limiting downloading size, blocking web access via IP...

[edit] 2 Website Black & White List

  • Wildcards "*?" are supported.
  • By default, black & white list is applied to both http and https websites.
  • You may starts a comment with '#'.
  • Block Listed(Black List): When enabled, only domains in the black list will be blocked, all others will be allowed. For example, to block youtube during working hours, you can enable "Block Listed" and add "*.youtube.com" into the list.
  • Allow Listed Only(White List): When enabled, only domains in the white list can be accessed, all others will be blocked. For example, enable "v" and add "*.imfirewall.com" into the list, network users are only allowed to visit pages from imfirewall.com.

Faq en webfilter001.png

[edit] 3 Category Blocking

When enabled, you may filter domains by 60+ website categories. For example, to save bandwidth, you can set "Streaming Media" to be blocked during working hours. So all video websites will be blocked. "Category Blocking" is applied to both http and https websites by default.

Faq en webfilter003png.png

To check a domain's category, you can test "URL Access" in "Utils"->"Policy Testing".

Faq en webfilter003 2.png

[edit] 4 File Filtering

You can block files by file extensions and HTTP content-type(mime type). For example, to block all online video and video file downloading, you can set "Video" to "Deny".

Faq en webfilter005.jpg

Please notice:

  • To customize file types, you may click the "edit" icon besides every file type.
  • File filtering is only applied to http websites.

Faq en webfilter004.jpg

[edit] 5 Exception

Domains in the exception list will not be blocked by other options within this policy. For example, you may block "*.yahoo.com" but add "sports.yahoo.com" to the exception list. In result of allowing access to "sports.yahoo.com", while all other domains from yahoo.com will be blocked.

Faq en webfilter007.jpg

[edit] 6 Utils

Faq en webfilter008.png

  • Apply this rule to https websites: apply the "white & black list" and "category blocking" to https sites, enabled by default.
  • Block file uploading via webpages: when enabled, clients won't be able to upload attachments in webpages(multipart/form-data). This option applies to http websites only.
  • Block web surfing via IP: when enabled, websites can only be visited via domains.
  • Block web downloading when file exceeds xx(MB): this option is valid to http sites only.
  • Allow referred resources of allowed web pages: When enabled, external resources(images, css, videos and outbound links) of an allowed webpage will not be blocked even the external sites are disallowed.
  • Blocking Behavior, when a http webpage is blocked, you may choose to display a blocking page(defined in "System"->"Denial Page"), or redirect to another URL.
  • Please Note: http only options can also work on https sites when "SSL Inspector" is enabled.

[edit] 7 External Links

Personal tools
Namespaces

Variants
Actions
Navigation
Tools