06-22-2018 06:19 AM - last edited on 03-25-2019 04:55 PM by ciscomoderator
Hello,
I am trying to drop a connection to a specific path of a URL in Decryption Policies and allow only access to the homepage of that site.
The URL looks like https://exampleurl.eu/en/home.html. This is the part that I would like to allow.
The part that I would like to drop the connections is https://exampleurl.eu/en/articles/
I tried using the following regex in a Custom URL Category (under Advanced=>Regular expressions) and used it a decryption policy rule:
exampleurl\.eu/en/articles/
Unfortunately it does not work. To be sure that I'm indeed hitting the Decryption Policy Rule, I added the fqdn in the Sites of the Custom URL Category (exampleurl.eu) and that worked: the site is successfully dropped.
The site that I'm trying to block also exists in http. When trying the above regex in the Access Policies for http traffic, the regex works perfectly and the path of the URL is blocked (http://exampleurl.eu/en/articles/).
Is there an issue with the regex in the decryption policies?
Thank you.
06-24-2018 06:21 PM
Hi,
For HTTPS traffic to read the regular expression or to read the URI path of the domain, the traffic will have to be decrypted first (in decryption policy the action will need to be set as "decrypted".
If the traffic is being set to passthrough, WSA can only see the parent domain and will not have the information of the URI path.
Hope this helps
Regards
Handy Putra
06-25-2018 07:04 AM
Hello,
Thanks for the response. I managed to solve it :)
I was indeed trying "Decrypt" in the URL filtering of the Decryption Policies Rule.
However, instead of using in the Rule a URL category that contained regex, I used a URL category that only had the domain name (exampleurl.eu, .exampleurl.eu).
Then I used the URL category that contained regex in a rule of the HTTP Access Policies.
Thanks again for your support.
07-08-2018 05:00 PM
Hi,
Great to hear that you have sorted this out
Regards
Handy Putra
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide