Applies to Platform: UTM 5.x, 4i Edge 5.x
Last update: 19 Nov 2022
Applies to Platform: UTM 6.x, 4i Edge 6.x
Last update: 23 Jan 2025
Note
This lesson explains how to use the Endian UTM Appliance to block Facebook, X (formerly Twitter), and other sites that use SSL. Three different approaches are shown in this lesson:
- Using an Access Policy rule in the HTTP Proxy (UTM v5.x and v6.x)
- Using the DNS proxy (UTM / 4i v5.x and 6.x)
- Using the FQDN firewall network object (UTM / 4i v5.x and 6.x)
1. Create an Access Policy to Block HTTP/HTTPS Sites.
From the web GUI select from Menubar > Proxy > HTTP > Access Policy > Add Access Policy.
In the Access Policy Editor, configure the options as follows:
- Source: The places where the clients will be subjected to the rule, which can be ANY, Zone, Network/IP, or MAC Address.
- Destination: The places that you want to block. In this case, the domains facebook.com and x.com. Write one domain per line, and remember the leading dot if you want to block all subdomains: .facebook.com and .x.com.
- Access Policy: Deny access, for the rule to block traffic to the domains.
- Position: First, to make sure that this rule takes precedence over other rules that might allow access.
- Policy status: Click on the checkbox Enable policy rule to activate the rule.
- The remaining options may keep their default values.
- (Details Tab) Name: Enter a descriptive name for this rule.
- (Details Tab) Policy status: Click on the checkbox Enabled to activate the rule.
- (Details Tab) Content Filter: Leave as None.
- (Details Tab) Policy: Deny, for the rule to block traffic to the domains.
- (Filtering Tab) Source: The sources where the clients will be subjected to the rule, which can be ANY, Zone, Network/IP, or MAC Address.
- (Filtering Tab) Destination: The destinations that you want to block. In this case, the domains facebook.com and x.com. Write one domain per line, and remember the leading dot to block all subdomains: .facebook.com and .x.com.
- The remaining options may keep their default values.
- Position: Once the rule is created you can use the arrows to re-order the rule so that it's at the top of the policy list.
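The leading-dot convention for the Destination field, as an added example (not Endian's code): it assumes an entry with a leading dot covers the domain and all of its subdomains, while an entry without one covers only that exact hostname. The function names and the sample hostnames are constructed for illustration; use it to review a destination list before pasting it into the rule.

```python
# Added example: models the leading-dot convention described above.
# Assumption: ".facebook.com" covers facebook.com and every subdomain,
# while "facebook.com" covers only that exact hostname.

def normalize(name):
    """Lower-case a hostname and drop a trailing root dot."""
    return name.strip().lower().rstrip(".")

def entry_matches(entry, host):
    """Return True if one destination entry covers the hostname."""
    host = normalize(host)
    entry = entry.strip().lower()
    if entry.startswith("."):
        base = normalize(entry[1:])
        # Compare on a label boundary so ".x.com" does not catch "examplex.com".
        return host == base or host.endswith("." + base)
    return host == normalize(entry)

def audit(destinations, hosts):
    """Map each hostname to the first entry that covers it, or None."""
    entries = [line.strip() for line in destinations.splitlines() if line.strip()]
    result = {}
    for host in hosts:
        result[host] = next((e for e in entries if entry_matches(e, host)), None)
    return result

# Constructed sample data (one domain per line, as in the Destination box).
WITH_DOT = ".facebook.com\n.x.com\n"
WITHOUT_DOT = "facebook.com\nx.com\n"
HOSTS = ["facebook.com", "www.facebook.com", "M.Facebook.com.",
         "notfacebook.com", "x.com", "api.x.com", "examplex.com"]

if __name__ == "__main__":
    for label, dest in (("with leading dot", WITH_DOT), ("without dot", WITHOUT_DOT)):
        print(label)
        for host, entry in audit(dest, HOSTS).items():
            print(f"  {host:20} {'DENY via ' + entry if entry else 'not covered'}")
```

Hostnames reported as not covered in the "without dot" run are the ones the rule would miss if the leading dot were forgotten.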
2. Create a rule in DNS Proxy
Note
This method is useful ONLY if you don't have HTTP proxy enabled or when using a product that doesn't include the HTTP proxy (4i).
From the web GUI go to Menubar > Proxy > DNS. Click on the checkboxes next to Transparent on GREEN, BLUE, ORANGE, depending on which zones you want the rule to apply to, then click on Save.
Now, go to the Anti-spyware tab and enter in the textbox under the Blacklist domains label all the domains that you want to be blocked (e.g. facebook.com), then click on Save.