Webfilter
From Wiki of WFilter NG Firewall
(Difference between revisions)
(→Utils) |
|||
| (5 intermediate revisions by one user not shown) | |||
| Line 6: | Line 6: | ||
* File type and content type filtering | * File type and content type filtering | ||
* Other features like limiting downloading size, blocking web access via IP... | * Other features like limiting downloading size, blocking web access via IP... | ||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
== Website Black & White List == | == Website Black & White List == | ||
| Line 18: | Line 12: | ||
* By default, black & white list is applied to both http and https websites. | * By default, black & white list is applied to both http and https websites. | ||
* You may starts a comment with '#'. | * You may starts a comment with '#'. | ||
| + | * '''Block Listed'''(Black List): When enabled, only domains in the black list will be blocked, all others will be allowed. For example, to block youtube during working hours, you can enable "Block Listed" and add "*.youtube.com" into the list. | ||
| + | * '''Allow Listed Only'''(White List): When enabled, only domains in the white list can be accessed, all others will be blocked. For example, enable "v" and add "*.imfirewall.com" into the list, network users are only allowed to visit pages from imfirewall.com. | ||
| − | + | [[File:Faq_en_webfilter001.png|800px]] | |
| − | + | ||
| − | + | ||
| − | [[File:Faq_en_webfilter001. | + | |
| − | + | ||
| − | + | ||
| − | + | ||
| − | + | ||
| − | + | ||
== Category Blocking == | == Category Blocking == | ||
| Line 33: | Line 21: | ||
For example, to save bandwidth, you can set "Streaming Media" to be blocked during working hours. So all video websites will be blocked. "Category Blocking" is applied to both http and https websites by default. | For example, to save bandwidth, you can set "Streaming Media" to be blocked during working hours. So all video websites will be blocked. "Category Blocking" is applied to both http and https websites by default. | ||
| − | [[File:Faq_en_webfilter003png.png| | + | [[File:Faq_en_webfilter003png.png|800px]] |
To check a domain's category, you can test "URL Access" in "Utils"->"Policy Testing". | To check a domain's category, you can test "URL Access" in "Utils"->"Policy Testing". | ||
| Line 55: | Line 43: | ||
Domains in the exception list will not be blocked by other options within this policy. For example, you may block "*.yahoo.com" but add "sports.yahoo.com" to the exception list. In result of allowing access to "sports.yahoo.com", while all other domains from yahoo.com will be blocked. | Domains in the exception list will not be blocked by other options within this policy. For example, you may block "*.yahoo.com" but add "sports.yahoo.com" to the exception list. In result of allowing access to "sports.yahoo.com", while all other domains from yahoo.com will be blocked. | ||
| − | |||
| − | |||
[[File:Faq_en_webfilter007.jpg|600px]] | [[File:Faq_en_webfilter007.jpg|600px]] | ||
== Utils == | == Utils == | ||
| + | |||
[[File:Faq_en_webfilter008.png|800px]] | [[File:Faq_en_webfilter008.png|800px]] | ||
* '''Apply this rule to https websites''': apply the "white & black list" and "category blocking" to https sites, enabled by default. | * '''Apply this rule to https websites''': apply the "white & black list" and "category blocking" to https sites, enabled by default. | ||
| − | * '''Block file uploading via webpages''': when enabled, clients won't be able to upload attachments in webpages. This option applies to http websites only. | + | * '''Block file uploading via webpages''': when enabled, clients won't be able to upload attachments in webpages(multipart/form-data). This option applies to http websites only. |
* '''Block web surfing via IP''': when enabled, websites can only be visited via domains. | * '''Block web surfing via IP''': when enabled, websites can only be visited via domains. | ||
* '''Block web downloading when file exceeds xx(MB)''': this option is valid to http sites only. | * '''Block web downloading when file exceeds xx(MB)''': this option is valid to http sites only. | ||
| + | * '''Allow referred resources of allowed web pages''': When enabled, external resources(images, css, videos and outbound links) of an allowed webpage will not be blocked even the external sites are disallowed. | ||
* '''Blocking Behavior''', when a http webpage is blocked, you may choose to display a blocking page(defined in "System"->"Denial Page"), or redirect to another URL. | * '''Blocking Behavior''', when a http webpage is blocked, you may choose to display a blocking page(defined in "System"->"Denial Page"), or redirect to another URL. | ||
| + | * Please Note: http only options can also work on https sites when "[[SSLInspect|SSL Inspector]]" is enabled. | ||
| − | == | + | = External Links = |
| + | * [http://blog.wfilterngf.com/?p=636 How to whitelist websites in WFilter?] | ||
Latest revision as of 15:46, 13 March 2020
Contents |
[edit] 1 Web Filter
The "Web Filter" module has below features:
- Website black & white list
- Website category filtering
- File type and content type filtering
- Other features like limiting downloading size, blocking web access via IP...
[edit] 2 Website Black & White List
- Wildcards "*?" are supported.
- By default, black & white list is applied to both http and https websites.
- You may starts a comment with '#'.
- Block Listed(Black List): When enabled, only domains in the black list will be blocked, all others will be allowed. For example, to block youtube during working hours, you can enable "Block Listed" and add "*.youtube.com" into the list.
- Allow Listed Only(White List): When enabled, only domains in the white list can be accessed, all others will be blocked. For example, enable "v" and add "*.imfirewall.com" into the list, network users are only allowed to visit pages from imfirewall.com.
[edit] 3 Category Blocking
When enabled, you may filter domains by 60+ website categories. For example, to save bandwidth, you can set "Streaming Media" to be blocked during working hours. So all video websites will be blocked. "Category Blocking" is applied to both http and https websites by default.
To check a domain's category, you can test "URL Access" in "Utils"->"Policy Testing".
[edit] 4 File Filtering
You can block files by file extensions and HTTP content-type(mime type). For example, to block all online video and video file downloading, you can set "Video" to "Deny".
Please notice:
- To customize file types, you may click the "edit" icon besides every file type.
- File filtering is only applied to http websites.
[edit] 5 Exception
Domains in the exception list will not be blocked by other options within this policy. For example, you may block "*.yahoo.com" but add "sports.yahoo.com" to the exception list. In result of allowing access to "sports.yahoo.com", while all other domains from yahoo.com will be blocked.
[edit] 6 Utils
- Apply this rule to https websites: apply the "white & black list" and "category blocking" to https sites, enabled by default.
- Block file uploading via webpages: when enabled, clients won't be able to upload attachments in webpages(multipart/form-data). This option applies to http websites only.
- Block web surfing via IP: when enabled, websites can only be visited via domains.
- Block web downloading when file exceeds xx(MB): this option is valid to http sites only.
- Allow referred resources of allowed web pages: When enabled, external resources(images, css, videos and outbound links) of an allowed webpage will not be blocked even the external sites are disallowed.
- Blocking Behavior, when a http webpage is blocked, you may choose to display a blocking page(defined in "System"->"Denial Page"), or redirect to another URL.
- Please Note: http only options can also work on https sites when "SSL Inspector" is enabled.
