Create a Post
Showing results for 
Search instead for 
Did you mean: 

URLF Blocked vs Reject?

Why is some web traffic blocked, and other traffic rejected?  I’m having problems with Facebook and YouTube.

I have a Spark 1500, R81.10.05, currently managed via the Infinity Portal Spark Management, but I’ve also turn off Cloud management and tried locally and get the same results.

I have HTTPS Inspection enabled.  Trying to go back to basics, I’ve turn off all “bypass” categories:



As a test I enabled URLF, in the Block Other… box I only have Media Streams selected.






When I browse to I get a User Check block page.  The log shows the connection as “Blocked” and I see the redirect.  Great!  That’s what I expect.







When I browse to I do not get the block message.  Instead I just get “can’t reach this page”, and the log shows a Reject, and also that HTTPS Inspection was bypassed.






Exactly the same thing happens when I add Facebook to the Block Other… group.  It is rejected, HTTPS bypassed, and I get no User Check block message.


Why do some sites get correctly categorised, blocked, and redirected to the User Check block page, while others are bypassed and rejected with no block message?  Why is YouTube and Facebook HTTPS Bypassed and then rejected with no block message?

0 Kudos
2 Replies

To generate a block page consistently, HTTPS Inspection must be enabled.
This is because it is not possible to inject a block page once an HTTPS session starts because…it’s encrypted.
In this situation, you will get the “can’t reach this page” error.
In other words, this is expected behavior.

0 Kudos

HTTPS Inspection is already on.
I've put the same Spark box onto a proper SmartCenter today and from limited testing, I think I'm seeing the same behaviour.   All sites tested are HTTPS and some sites get the block message, others get the "page not found" message.   I can't figure out a pattern at the moment.  Maybe it's a Spark issue?  I'll test further next week and compare the same policy installed to a non-Spark.


0 Kudos


Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events