Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Moe_89
Contributor

URL Filtering for hosted services

Checkmates,

Can URLF work for websites/services published through Checkpoint ? For example, A web server hosted behind Checkpoint is published as abc.com on the internet. Can URLF policies be enforced on inbound traffic so that akamai, tor or any anonymizers can be blocked from accessing the hosted website. 

0 Kudos
4 Replies
PhoneBoy
Admin
Admin

If you want to block traffic coming from TOR addresses, this doesn't require URL Filtering. See: https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solut...
I'm curious what the use case is for blocking traffic from Akamai IPs since they usually serve as a cache.
I guess if they use a particular User Agent to reach your site, you could create an Application Control signature to check for that and block on it.
See: https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solut...
Note this will require using HTTPS Inspection if the site is available via HTTPS.
0 Kudos
Moe_89
Contributor

Hi Dameon,
Thanks for your response. Akamai is just used as an example. We would want to block mainly anonymizers, TOR etc. We see many requests originating from servers trying to access content of the published site which we would like to block.

Not sure if creating one custom application signature would suffice because the site may be browsed from everywhere on the internet.
0 Kudos
PhoneBoy
Admin
Admin

In that case, it's best to block by IP and not use App Control/URL Filtering.

The SK I referred to previously is a starting point, another possible approach is: http://opendbl.net/#checkpoint.html

0 Kudos
Wolfgang
Authority
Authority

Mubarizuddin_Mo,

beside the recommendations of Dameon and following your original question.

Yes, URLF works too from external to internal webservers. It works in all directions.

We are using this to control access to some special URL-pathes on our webservers. To allow only special sources to special pathes.

Wolfgang

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events