This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
ABOUT CHECKMATES & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Carlos_Rodrigue
Explorer
‎2018-02-22 09:08 AM
Jump to solution

Block HTTPS URL

Hi,

Using the APP & URL Filtering from R77.30 or R80.10, I can not block HTTPS websites, the Check Point Bypass.

For example, I create a custom App/Sites and add the following site: *.hltv.org

If I type http://www.hltv.org, is block, but If I type https://www.hltv.org it's allowed.

How can I block HTTPS URL?

Thanks.

0 Kudos
1 Solution

Accepted Solutions
Kaspars_Zibarts
Employee
Employee
‎2018-02-22 10:42 AM
Jump to solution

You need to turn on https inspection to do proper URLF on https. Or you may choose passive filtering based on SSL certificate name:

To enable it, enable the URL Filtering blade:
Go to Application & URL Filtering tab -> Advanced -> Engine Settings -> Enable "Categorize HTTPS sites" and install Security policy

More in sk92743

View solution in original post

3 Replies
Kaspars_Zibarts
Employee
Employee
‎2018-02-22 10:42 AM
Jump to solution

You need to turn on https inspection to do proper URLF on https. Or you may choose passive filtering based on SSL certificate name:

To enable it, enable the URL Filtering blade:
Go to Application & URL Filtering tab -> Advanced -> Engine Settings -> Enable "Categorize HTTPS sites" and install Security policy

More in sk92743

Carlos_Rodrigue
Explorer
‎2018-02-23 03:13 AM
Jump to solution

Hi Kaspars Zibarts,

Thanks for you reply.

I already had this option selected.

Even with this option enabled, https url are not blocked.

0 Kudos
Kaspars_Zibarts
Employee
Employee
‎2018-02-23 01:21 PM
In response to Carlos_Rodrigue
Jump to solution

Have you seen this one. I haven't tried but I'm guessing the certificate name most likely is not 100% match with URL. If you are not using https inspection, then there will be trade offs.  

https://community.checkpoint.com/docs/DOC-2632-urlf-apcl-whitelisting