Skip to content

URL (Uniform Resource Locator) Filtering Profile

A URL Filtering Profile evaluates the URL of an HTTP request and applies an action to either allow or deny the traffic. In order to evaluate the URL, the traffic must be processed by a Forward Proxy rule. The set of URLs in the Profile can be specified as strings representing the full path or as strings representing a Perl Compatible Regular Expression (PCRE). If only domain filtering is required, it is best to use an FQDN Filtering Profile. An FQDN Filtering Profile can also be used in conjunction with URL Filtering, where the domain is evaluated using the FQDN Filtering Profile and the URL is evaluated using the URL Filtering Profile.

Tech Notes

The URL Filtering is organized as a table containing user-specified rows (URLs and Categories) along with two default rows (Uncategorized and ANY). Categories and URLs can be combined within each row if desired.

The maximum number of rows is 32, including the default rows. Which means the maximum number of user-specified rows is 30.

The maximum number of entries per row is limited to 128 Categories and 60 user-specified URLs. If you require more than 60 user-specified URLs, then you will need to split the specified URLs across multiple rows.

Create the Profile

User-Defined

  1. Navigate to Manage -> Profiles -> URL Filtering
  2. Click Create
  3. Provide a Name and Description for the profile.
  4. Click Add to create a new row
  5. Enter individual URLs (e.g., https://www.twitter.com/politics, https://www.google.com/.+?/admin)
    1. A PCRE (Perl Compatible Regular Expression) style regular expression is allowed
  6. Select Categories (e.g., Gambling, Sports, Social Networking)
  7. Select the HTTP methods to which the policy is applied. Select All to apply policy for all HTTP methods. Specify Delete, Get, Head, Options, Patch, Post, or Put to explicitly define one or more methods.
  8. Select the Policy action for the row
    • Allow Log - Allow the requests and log an event
    • Allow No Log - Allow the requests and do not log an event
    • Deny Log - Deny the requests and log an event
    • Deny No Log - Deny the requests and do not log an event
  9. Specify the Return Status Code as an integer value greater than or equal to 100 and less than 600. This value represents the HTTP status that will be returned to the client making the request. A common return code is 503.
  10. Specify the Uncategorized Policy action for URLs that do not match the user-defined configuration and are not represented as a pre-defined Category
  11. Specify the ANY Policy action for URLs that do not match the user-defined, Category or Uncategorized configuration
  12. Click Save when completed

Uncategorized

  1. The penultimate row in the URL Filtering Profile, which is represented by Uncategorized as the URLs/Categories
  2. Specify the Policy action to take for URLs that do not match the user-defined configuration and are not represented as a pre-defined Category
  3. Specify the Return Status Code a an integer value greater than or equal to 100 and less than 600. This value represents the HTTP status that will be returned to the client making the request. A common return code is 503.

Default (ANY)

  1. The last row in the URL Filtering Profile, which is represented by ANY as the URLs/Categories
  2. Specify the Policy action to take for URLs that do not match the user-defined, Category or Uncategorized configuration
  3. Specify the Return Status Code a an integer value greater than or equal to 100 and less than 600. This value represents the HTTP status that will be returned to the client making the request. A common return code is 503.

Associate the Profile

Check this document to create/edit Policy Rules