This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
C0LDW1R3D
Explorer
‎2023-05-03 05:00 PM

Whitelisting Sites - Blocked by category Inactive Sites

Hi,

 

So I've been experiencing a problem with a site that our company uses.

I have add the site as a https://sitename.com/

and i have also added it as a https://sitename.com/*

to allow all wild cards of the same in case there were issues, the policy has been installed however it doesn't allow our users, to browse to the site, the policy is applied to the workstations that are in the group, and there is no overlap of policies etc.

When we browse to the site, it blocked by category 'inactive site'. categories are reached by going to the policy and going into advanced settings under web & and files protection...

I have disabled the inactive site category, and then browsing to the site above has worked, however i would expect whitelisting a site would allow it to bypass the rule, have I done something incorrectly, or if someone could provide a better method, that would be great.

 

Thanks

0 Kudos
5 Replies
the_rock
Legend
Legend
‎2023-05-03 05:13 PM

Hey @C0LDW1R3D 

I had said this on here numerous times and will say it again...personally, I ALWAYS add it by using method *sitename*...ie *youtube*, *fecabook* etc. I spent probably more than 100 hours with TAC troubleshooting this over last 2 years and while this method might not be most accurate one, it works 100% of the time and customers are perfectly fine with it. We would rather save time and make it work, then spend hours on end and be nowhere near the solution : - )

Anyway, take that for whats its worth...

Cheers,

Andy

0 Kudos
Blason_R
Leader
Leader
‎2023-05-03 08:02 PM
In response to the_rock

I agree with it or best way if the portal or site is not CDN enabled or live on only one public IP then create a domain object and ensure to use same DNS server which is configured on users desktop on gateway modules as well. This should work or since its a https create a dedicated custom application.

Thanks and Regards,
Blason R
CCSA,CCSE,CCCS
0 Kudos
SriniKrish
Collaborator
‎2024-01-14 06:59 PM
In response to Blason_R

Just curious, what exactly does the category "Inactive sites" mean ?

 

Regards,

Srini

0 Kudos
the_rock
Legend
Legend
‎2024-01-14 07:03 PM
In response to SriniKrish

Below should help.

Best,

Andy

https://community.checkpoint.com/t5/Browse/Site-blocked-by-Inactive-Sites-rule/td-p/184615

0 Kudos
Blason_R
Leader
Leader
‎2024-01-14 07:53 PM
In response to SriniKrish

That means Abandoned Websites or Expired Domains

Thanks and Regards,
Blason R
CCSA,CCSE,CCCS
0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    Sort by:
    CheckMates Events