This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Antonis_Hassiot
Contributor
‎2020-06-23 07:14 AM

Blocking .gzip file types in AV, causes web pages with css.gzip or js.gzip to fail loading properly

Here is an example URL, where if you enable blocking specific file types in AV and select gzip, gz,tar.gz,tgz, the page doesn't load properly, because a large number of css.gzip and js.gzip files get blocked.

https://www.dummies.com/business/accounting/auditing/take-a-look-at-your-companys-liquidity-risk/

 

Is our only option to change these file types to deep scan in AV, or is there a way to bypass css.gzip and js.gzip otherwise?

We don't have DLP or Threat emulation enabled. I was hoping to bypass by file extension, but can't see how.

A.

0 Kudos
5 Replies
Troy_Yeske
Employee Alumnus
Employee Alumnus
‎2020-06-23 08:39 AM

Trying to duplicate what you are getting unsuccessfully...R80.40, https inspection on, and switched the AV setting but page loads fine...are they not loading or are you getting block pages?

0 Kudos
Antonis_Hassiot
Contributor
‎2020-06-24 01:58 AM
In response to Troy_Yeske

HTTPSs inspection is on for us. We are on 80.30. 

You should see a large number of 307 redirects in Developer tools on your browser like below:

307.PNG

 The page loads like this:

 

dummies.PNG

0 Kudos
Antonis_Hassiot
Contributor
‎2020-06-24 02:00 AM
In response to Antonis_Hassiot

And our config:

AV.PNG

0 Kudos
Chris_Atkinson
MVP Platinum CHKP MVP Platinum CHKP
MVP Platinum CHKP
‎2020-06-25 10:24 PM
In response to Antonis_Hassiot

Out of interest how is the following currently set for the environment?

Inspection settings > GZIP enforcement > Advanced

gzip.png

 

 

CCSM R77/R80/ELITE
0 Kudos
Antonis_Hassiot
Contributor
‎2020-06-25 11:56 PM
In response to Chris_Atkinson

Same as what you showed:

 

gzip.PNG

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    CheckMates Events