Use the Override feature of the URL Filter to grant temporary access to otherwise blocked URL categories. URL categories that are set to the override policy redirect the user to the customizable Override Block page of the URL Filter. The user can then select the URL Filter Override admin and request an override. The URL Filter Override admin must log into the Override Admin interface and grant the request for a specified time. When the request has been granted, the user is automatically forwarded to the website. URL Filter overrides are always granted for the entire URL category.
Before You Begin
- Create or edit existing URL policy objects and select Override All as the action for the categories of your choice. For more information, see .
- Configure URL filtering in the firewall. For more information, see .
Step 1. Add Your URL Filter Override Admin Users
- Go to FIREWALL > Settings.
- In the URL FILTER section, click Show to open the URL Filter Override Users window.
- Click Add to add an administrative user.
- The URL Filter Override Users window opens.
Enter the user details in the respective fields. To add more users, click Add.
- Name – The administrative user's login name. This is the username used to log into the override admin interface.
Full Name – The full name of the administrative user. When requesting an override from a specific admin, users can select this name from the drop-down list on the Override Block page.
- Password – Define a password for the administrative user to access the Override Admin portal.
E-mail – Email address of the administrative user.
- Click Save.
Step 2. Create an Access Rule for the Override Admin Portal
Create a Redirect to Service access rule to redirect the URL Filter Override admin user to the Override Admin portal. This rule will also allow access to the guest user ticketing system.
- Go to FIREWALL > Access Rules.
- Add an access rule with the following settings:
- Action – Select Redirect to Service.
- Source – Select the source network allowed to access the URL Filter Override Admin portal.
- Redirect to Service Details – Select Guest Ticketing HTTPS.
- Destination – Enter the IP address the Override Admin interface is accessed through. You can use any free IP address (e.g., 22.214.171.124) or an IP address on the firewall that does not have a listener on port 443.
- Click Save.
- Place the access rule so that it is the first rule to match for HTTPS traffic to the chosen admin override IP address.
The URL Filter Override admin interface is now reachable via https://126.96.36.199/cgi-bin/override-admin (if you used 188.8.131.52 as the destination IP address in the access rule).
Granting URL Filter Override Requests
When attempting to access a website that is in an override URL category, the URL Filter Override block page is displayed.
To access such a blocked page, select from a drop-down list an override admin to send your access request to and then click Request Access. After the override admin grants the request, click Request Access again to continue to the previously blocked website. If the admin denies the override request, the URL category is blocked for the set duration.
For more information, see How to Grant URL Category Overrides - User Guide.