seems no matter what I do the custom websites options seems not to work?

Options
cfts_ea
cfts_ea Posts: 19  Freshman Member
First Anniversary 10 Comments
edited April 2 in Security

I tried for a few days to get the custom Service working with absolutely zero success.

I am trying to block all access to this domain, period, as we are getting a lot of phishing and spam from this domain.

Sample URL, that im trying to block


Is it possible to advise how to get this working properly?

Device Information
System Name
CFTS-ATP-800
Serial Number
S232L09102880
MAC Address Range
FC:22:F4:E1:68:8B ~ FC:22:F4:E1:68:98
Firmware Version
V5.37(ABIQ.2) / 2024-01-20 02:14:39

All Replies

  • PeterUK
    PeterUK Posts: 2,758  Guru Member
    First Anniversary 10 Comments Friend Collector First Answer
    Options

    If the browser is not using a VPN or proxy you should be able to block it.

    Have you applied the Content Filter to a policy control rule? Have you tried the DNS Content Filter too?

    Block UDP 443 from LAN to WAN

  • cfts_ea
    cfts_ea Posts: 19  Freshman Member
    First Anniversary 10 Comments
    Options

    Yes, to all except UDP 443, I need a little explanation on that, im not using a VPN.

  • PeterUK
    PeterUK Posts: 2,758  Guru Member
    First Anniversary 10 Comments Friend Collector First Answer
    edited April 2
    Options

    QUIC uses UDP port 443 instead of TCP 443 the way Content Filter works for TCP 443 is by SNI in the clear but if a web site uses QUIC Content Filter can't work by blocking this it forces the browser to use TCP 443

    also run this in console

    debug content-filter https-domain-filter cache flush

  • cfts_ea
    cfts_ea Posts: 19  Freshman Member
    First Anniversary 10 Comments
    Options

    Thanks, done as suggested, still not working, Tomorrow I make some system wide rules and see if I can pin down whats going on.

  • cfts_ea
    cfts_ea Posts: 19  Freshman Member
    First Anniversary 10 Comments
    Options

    OK did a system wide test, it seems the custom rules do not work, the content filter profile is working just fine, its the custom side that is not!

  • electsystech
    electsystech Posts: 23  Freshman Member
    First Anniversary 10 Comments Friend Collector
    Options

    Try adding *cloudflare-ipfs.com to the forbidden websites.

Security Highlight