Re: How to block path wise URL.

maxtaan · ‎2024-02-19

Want to block this type of url. Already follow the custom URL block procedure, but the URL is still accessible.
We want to block
hxxps://github.com/agbusi/keteorie/bojb/gain/yrsfaction_Rkoj_jpg.zip
this type of URL. Where hxxps=https.

the_rock · ‎2024-02-19

Just add *github* as custom app site object and use that in the policy rule. I always do so in app/url ordered layer.

Best,

Andy

maxtaan · ‎2024-02-19

Hello @the_rock

I want to block the whole path only, not the full application/site. Is it possible?

Thanks

delToro1 · ‎2024-02-19

Hello mate,

I think that if you want to block this specific URL, you need inspect the https traffic to know the HTTP URI. As @the_rock said, the other way is blocking the domain github, that is possible because the TLS SNI header is not encrypted.

BR.

maxtaan · ‎2024-02-19

Thanks Mate. So, if i want to block specific URLs then i must need HTTPS inspection blade enabled?

the_rock · ‎2024-02-19

correct!

the_rock · ‎2024-02-19

Thats right, so you definitely need https inspection feature turned on.

Best,

Andy

maxtaan · ‎2024-02-19

Hi @the_rock

Thanks for your response. Is there any SK/Document available regarding this?

the_rock · ‎2024-02-20

I cnt think of any off the top of my head, but will see if I can find it. Ping me offline if you need more help, I have really good https inspetion lab...well, 2 as a matter of fact, but 1 I always use it.

Best,

Andy

the_rock · ‎2024-02-20

Best I found is below.

Andy

https://support.checkpoint.com/results/sk/sk108202

https://support.checkpoint.com/results/sk/sk65123

Are you a member of CheckMates?

How to block path wise URL.