Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
NeilDavey
Collaborator

Custom Application Site Wildcard

Jump to solution

I am needing to create some Applications/Sites on Check Point for some websites:

*.cisco.com

*.okta.com

And I want the site to end at the .com part.  ie I don't want this to happen:

bad.okta.com.hacker.org

Would I create a new Application/Site like this this example:

\.example\.com

\.cisco\.com

\.okta\.com

And would I also need to tick the box "URLs are defined as Regular Expression"?

Thanks

0 Kudos
1 Solution

Accepted Solutions
Wolfgang
Mentor
Mentor
4 Replies
Wolfgang
Mentor
Mentor

See the documentation Custom Application Options

"*.okta.com" does not match "bad.okta.com.hacker.org" but match "subdomain.okta.com"

And yes, if you want more granular control you have to use regular expressions.

 

0 Kudos
NeilDavey
Collaborator

Thanks Wolfgang.

So you would suggest this would be correct to allow a subdomain which ends at the .com?

image.png

0 Kudos
Wolfgang
Mentor
Mentor

simple answer, YES

Bob_Zimmerman
Leader
Leader

In past versions, "*.okta.com" would have matched hacker.org/fake.okta.com. This bit me pretty badly when trying to move from another web filtering box to Check Point's URL Filtering. We blocked *.ar, and it caught some site's /path/to/shared/resources/16x16.left.arrow.png or whatever the path was. I haven't tried using non-regular expressions since R80.20, so it may have changed in a more recent version.

I ended up having to anchor to the slash:

^https?://([^/\.]\.)*okta.com/

That matches any number of subdomains (including zero subdomains) then anchors the TLD to the slash which separates the domain name from the path in a URL.

0 Kudos