USG FLEX 200 - Blocked URL Keywords to block download of certain files

aed_alt
aed_alt Posts: 2

I thought I could use Blocked URL Keywords to prevent downloading of specific file types (e.g. .exe, .scr, .bat files).

I have a working active Profile for Content Filtering and the Forbidden Web Sites is working for domain names.

However, Blocked URL Keywords doesn't seem to do anything.

For example, to block .scr files, I've tried:

*.scr*
*.scr
/*.scr
*/*.scr
*/*.scr*

The idea is to block access to e.g. www.anydomain.com/path/to/someFile.scr

And I do have "Enable HTTPS Domain Filter for HTTPS traffic" checked.

But nothing's being blocked. Am I doing something wrong?

All Replies

  • PeterUK
    PeterUK Posts: 2,706  Guru Member
    First Anniversary 10 Comments Friend Collector First Answer
    edited March 9

    It can't be done all the Filter for HTTPS traffic does is sees the SNI like hb.yahoo.net it does not see the link and file extension not sure if ssl inspection will help?

  • PeterUK
    PeterUK Posts: 2,706  Guru Member
    First Anniversary 10 Comments Friend Collector First Answer

    So yes you need to enable SSL inspection

    https://support.zyxel.eu/hc/en-us/articles/12582990829458-SSL-Inspection-Security-Services-Best-Practice-for-Firewalls

    Then you can use Keywords in Content Filtering

  • Zyxel_Jeff
    Zyxel_Jeff Posts: 1,065  Zyxel Employee
    First Anniversary 10 Comments Friend Collector First Answer

    Hi @aed_alt

    Currently, the Content Filter supports an FQDN-based blocked list. Therefore you can configure the website's FQDN www.anydomain.com in the Forbidden Web Sites as a replacement solution.

Security Highlight