Webfilter

From Wiki of WFilter NG Firewall
(Difference between revisions)
Jump to: navigation, search
(Exception)
 
(6 intermediate revisions by one user not shown)
Line 6: Line 6:
 
* File type and content type filtering
 
* File type and content type filtering
 
* Other features like limiting downloading size, blocking web access via IP...
 
* Other features like limiting downloading size, blocking web access via IP...
 
Please notice, enterprise license is required to enable "category blocking".
 
 
* Each client can be applied with multiple policies.
 
* Every policy can set "applied to" "clients" and "effective time".
 
* Besides the applied to "clients" and "time", detailed "web filter policy" settings are described in below.
 
  
 
== Website Black & White List ==
 
== Website Black & White List ==
Line 18: Line 12:
 
* By default, black & white list is applied to both http and https websites.
 
* By default, black & white list is applied to both http and https websites.
 
* You may starts a comment with '#'.
 
* You may starts a comment with '#'.
 +
* '''Block Listed'''(Black List): When enabled, only domains in the black list will be blocked, all others will be allowed. For example, to block youtube during working hours, you can enable "Block Listed" and add "*.youtube.com" into the list.
 +
* '''Allow Listed Only'''(White List): When enabled, only domains in the white list can be accessed, all others will be blocked. For example, enable "v" and add "*.imfirewall.com" into the list, network users are only allowed to visit pages from imfirewall.com.
  
* '''White List''': When enabled, only domains in the white list can be accessed, all others will be blocked.
+
[[File:Faq_en_webfilter001.png|800px]]
For example, enable "white list" and add "*.imfirewall.com" into the list, network users are only allowed to visit pages from imfirewall.com.
+
 
+
[[File:Faq_en_webfilter001.jpg|800px]]
+
 
+
* '''Black List''': When enabled, only domains in the black list will be blocked, all others will be allowed.
+
For example, to block youtube during working hours, you can enable "black list" and add "*.youtube.com" into the list.
+
 
+
[[File:Faq_en_webfilter002.jpg|800px]]
+
  
 
== Category Blocking ==
 
== Category Blocking ==
Line 33: Line 21:
 
For example, to save bandwidth, you can set "Streaming Media" to be blocked during working hours. So all video websites will be blocked. "Category Blocking" is applied to both http and https websites by default.
 
For example, to save bandwidth, you can set "Streaming Media" to be blocked during working hours. So all video websites will be blocked. "Category Blocking" is applied to both http and https websites by default.
  
[[File:Faq_en_webfilter003png.png|600px]]
+
[[File:Faq_en_webfilter003png.png|800px]]
  
 
To check a domain's category, you can test "URL Access" in "Utils"->"Policy Testing".
 
To check a domain's category, you can test "URL Access" in "Utils"->"Policy Testing".
Line 55: Line 43:
  
 
Domains in the exception list will not be blocked by other options within this policy. For example, you may block "*.yahoo.com" but add "sports.yahoo.com" to the exception list. In result of allowing access to "sports.yahoo.com", while all other domains from yahoo.com will be blocked.
 
Domains in the exception list will not be blocked by other options within this policy. For example, you may block "*.yahoo.com" but add "sports.yahoo.com" to the exception list. In result of allowing access to "sports.yahoo.com", while all other domains from yahoo.com will be blocked.
 
[[File:Faq_en_webfilter006.jpg|400px]]
 
  
 
[[File:Faq_en_webfilter007.jpg|600px]]
 
[[File:Faq_en_webfilter007.jpg|600px]]
  
 
== Utils ==
 
== Utils ==
 +
 +
[[File:Faq_en_webfilter008.png|800px]]
 +
 
* '''Apply this rule to https websites''': apply the "white & black list" and "category blocking" to https sites, enabled by default.
 
* '''Apply this rule to https websites''': apply the "white & black list" and "category blocking" to https sites, enabled by default.
 +
* '''Block file uploading via webpages''': when enabled, clients won't be able to upload attachments in webpages(multipart/form-data). This option applies to http websites only.
 
* '''Block web surfing via IP''': when enabled, websites can only be visited via domains.
 
* '''Block web surfing via IP''': when enabled, websites can only be visited via domains.
 
* '''Block web downloading when file exceeds xx(MB)''': this option is valid to http sites only.
 
* '''Block web downloading when file exceeds xx(MB)''': this option is valid to http sites only.
 +
* '''Allow referred resources of allowed web pages''': When enabled, external resources(images, css, videos and outbound links) of an allowed webpage will not be blocked even the external sites are disallowed.
 
* '''Blocking Behavior''', when a http webpage is blocked, you may choose to display a blocking page(defined in "System"->"Denial Page"), or redirect to another URL.
 
* '''Blocking Behavior''', when a http webpage is blocked, you may choose to display a blocking page(defined in "System"->"Denial Page"), or redirect to another URL.
 +
* Please Note: http only options can also work on https sites when "[[SSLInspect|SSL Inspector]]" is enabled.
  
[[File:Faq_en_webfilter008.jpg|600px]]
+
= External Links =
 
+
* [http://blog.wfilterngf.com/?p=636 How to whitelist websites in WFilter?]
== FAQ ==
+

Latest revision as of 15:46, 13 March 2020

Contents

[edit] 1 Web Filter

The "Web Filter" module has below features:

  • Website black & white list
  • Website category filtering
  • File type and content type filtering
  • Other features like limiting downloading size, blocking web access via IP...

[edit] 2 Website Black & White List

  • Wildcards "*?" are supported.
  • By default, black & white list is applied to both http and https websites.
  • You may starts a comment with '#'.
  • Block Listed(Black List): When enabled, only domains in the black list will be blocked, all others will be allowed. For example, to block youtube during working hours, you can enable "Block Listed" and add "*.youtube.com" into the list.
  • Allow Listed Only(White List): When enabled, only domains in the white list can be accessed, all others will be blocked. For example, enable "v" and add "*.imfirewall.com" into the list, network users are only allowed to visit pages from imfirewall.com.

Faq en webfilter001.png

[edit] 3 Category Blocking

When enabled, you may filter domains by 60+ website categories. For example, to save bandwidth, you can set "Streaming Media" to be blocked during working hours. So all video websites will be blocked. "Category Blocking" is applied to both http and https websites by default.

Faq en webfilter003png.png

To check a domain's category, you can test "URL Access" in "Utils"->"Policy Testing".

Faq en webfilter003 2.png

[edit] 4 File Filtering

You can block files by file extensions and HTTP content-type(mime type). For example, to block all online video and video file downloading, you can set "Video" to "Deny".

Faq en webfilter005.jpg

Please notice:

  • To customize file types, you may click the "edit" icon besides every file type.
  • File filtering is only applied to http websites.

Faq en webfilter004.jpg

[edit] 5 Exception

Domains in the exception list will not be blocked by other options within this policy. For example, you may block "*.yahoo.com" but add "sports.yahoo.com" to the exception list. In result of allowing access to "sports.yahoo.com", while all other domains from yahoo.com will be blocked.

Faq en webfilter007.jpg

[edit] 6 Utils

Faq en webfilter008.png

  • Apply this rule to https websites: apply the "white & black list" and "category blocking" to https sites, enabled by default.
  • Block file uploading via webpages: when enabled, clients won't be able to upload attachments in webpages(multipart/form-data). This option applies to http websites only.
  • Block web surfing via IP: when enabled, websites can only be visited via domains.
  • Block web downloading when file exceeds xx(MB): this option is valid to http sites only.
  • Allow referred resources of allowed web pages: When enabled, external resources(images, css, videos and outbound links) of an allowed webpage will not be blocked even the external sites are disallowed.
  • Blocking Behavior, when a http webpage is blocked, you may choose to display a blocking page(defined in "System"->"Denial Page"), or redirect to another URL.
  • Please Note: http only options can also work on https sites when "SSL Inspector" is enabled.

[edit] 7 External Links

Personal tools
Namespaces

Variants
Actions
Navigation
Tools