An Exercise in Frustration: Fine Tuning the Web Filter in Sophos UTM – Drashna's Demesne


If you’re seeing a bunch of URLs that share the same domain but use many different subdomain names, then put “^https?://.*?” in front of the main part of the domain. E.g.: “^https?://.*?mydomain\.com”.

This will catch ALL of the possible subdomains for “mydomain.com”. If you’re only seeing a few being used, then grab those specifically. Just remember to “escape” the periods in them (use “\.” instead of “.”) for the URL, and to begin the URL with “^”.
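An added example, not from the original post: it checks the subdomain pattern described above (read here as `^https?://.*?mydomain\.com`), the same pattern with unescaped periods, and a tighter host-only variant against constructed URLs, to show what each one actually lets through. The host-only pattern and the sample URLs are assumptions, and Python's `re` stands in for the UTM's regex engine, so verify the result on the appliance.

```python
import re

# Pattern from the text, with the periods escaped.
PAGE = r"^https?://.*?mydomain\.com"
# Same pattern with the periods left unescaped ("." then matches any character).
UNESCAPED = r"^https?://.*?mydomain.com"
# Assumption (not from the post): a tighter variant that only accepts whole
# host labels before the domain and requires the host to end right after it.
HOST_ONLY = r"^https?://([A-Za-z0-9-]+\.)*mydomain\.com([:/?#]|$)"

# Constructed sample URLs; example.net stands in for an unrelated site.
SAMPLES = [
    "https://mydomain.com/",
    "http://cdn7.video.mydomain.com/stream?id=1",
    "https://mydomain-com.example.net/",      # no literal ".com" after mydomain
    "https://notmydomain.com/",               # different registered domain
    "https://example.net/?ref=mydomain.com",  # domain only in the query string
    "https://mydomain.com.example.net/",      # domain used as a subdomain label
]


def compare(urls=SAMPLES):
    """Return {url: (page, unescaped, host_only)} match results."""
    patterns = [re.compile(p) for p in (PAGE, UNESCAPED, HOST_ONLY)]
    return {u: tuple(p.search(u) is not None for p in patterns) for u in urls}


if __name__ == "__main__":
    print(f"{'page':<6}{'unesc':<7}{'host':<6}url")
    for url, (page, unesc, host) in compare().items():
        print(f"{page!s:<6}{unesc!s:<7}{host!s:<6}{url}")
```

In the last three rows the "page" column is True for a URL on an unrelated host, so an exception built on that pattern would also apply there; the host-only variant rejects all of them.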

2015:06:09 11:07:00 sophosutm httpproxy: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="CONNECT" srcip="10.0.0.40" dstip="173.194.53.142" user="" ad_domain="" statuscode="200" cached="0" profile="REF_DefaultHTTPProfile (Default Web Filter Profile)" filteraction="REF_DefaultHTTPCFFAction (Default content filter action)" size="11489" request="0xe4545000" url="https://r9---sn-p5qlsnss.googlevideo.com/" referer="" error="" authtime="0" dnstime="28572" cattime="0" avscantime="0" fullreqtime="233076" device="0" auth="0" ua="" exceptions="av,content,url,ssl,certcheck,certdate,mime,cache,fileextension,size"

This guide is great, exactly the type of thing I have been attempting to find to reduce the time to learn standard expressions. I have had pretty good luck looking to block or allow specific domains, but I will in reality be enforcing a few of these filters. I do have a question: how are you going to go about adding filters to seek for exact strings in a search? For instance, when using Google, the URL generated after getting into a search phrase will contain the terms in the quest. If I wished to block searches for “cars”, the URL that results is “sm=122andie=UTF 8” or anything similar.

How would you go about blocking the URLs for other unsavory or express web searches?

Thanks

Ben

Hi, excellent post! Maybe you can help me with the web filter on Sophos 9.3. My Sophos is joined to the domain controller, everything is OK. I need to configure 2 groups; I created 2 groups on AD like Web full and Web restricted right. Need it to be authet; I created new web filter profiles, then added my community and obvious mode with AD SSO. I created filter activities like web full; on AD I added user administrator to web full and added the other user to web limited right.

I’m so at a loss for words about the order. When I did some tests, I blocked everything on web limited, but that user, in it, can browse the web.