A URL Filter Policy object determines how a website that matches one of the URL categories is handled by the Barracuda CloudGen Firewall. To override Barracuda's URL database, you must define custom URL black- and whitelists. If you are migrating a large number of domains to your block or allow list, create a list with one domain per line. Use the bulk edit feature and copy/paste the list to the custom URL block or allow lists. In bulk edit more, you can only select one action for the allow list. To define the allow action per domain, disable bulk edit. The following actions are available for each URL category:
- Allow – The user can access the website.
- Block – The user is blocked from viewing the website and is redirected to the customizable URL Filter block page. For more information, see How to Configure Custom Block Pages and Texts.
- Warn and Continue – The user can visit the webpage after clicking Continue on the customizable URL Filter warning page. This action is logged to Box/Firewall/acknowledged. For more information, see How to Configure Custom Block Pages and Texts.
- Alert – Visiting a website in this category is silently logged. Go to FIREWALL > Monitor and in the filter setting filter for Warned to see the logged alerts.
- Override – Allow the user to request temporary access from an admin. Upon receiving the request the override admin must log in to the override admin interface to grant access for a specific amount of time to this otherwise blocked URL category. The admin can only gran overrides for the URL category not for specific websites.
Before You Begin
Before you create URL Filter Policy objects. verify that you have enabled the URL Filter. For instructions on how to activate the URL Filter, see How to Enable Application Control.
Create a URL Filter Policy Object
- Go to CONFIGURATION > Configuration Tree > Box > Virtual Servers > your virtual server > Assigned Services > Firewall > Forwarding Rules.
- Click Lock.
- In the left menu, click URL Filter.
Create the URL Filter Policy object by either right-clicking the table and selecting New > URL Filter Policy object or by using the icons in the top-right area of the ruleset.
- Click Advanced Settings. The URL Cat Policy Object - Advanced Settings window opens.
- Select the Action if online URL database is unavailable.
- Enter the timeout for Warn and Continue Override valid for [min]. Default: 10 min.
- Click OK.
- Click on Default Action and select Block, Allow or Alert from the dropdown.
Select Block, Allow, Warn and Continue, Alert or Override in the Action column for each URL category.
(optional) To whitelist or blacklist specific domains, select Custom URLs.
For each blacklisted domain, click + to add a domain to the Block List.
For each whitelisted domain, click + to select the action and to enter the domain name in the Allow List.
Enable Bulk Edit to enter a large number of domains. Each domain must use a new line. In bulk edit more, only one action can be set for the Allow List. Disable Bulk Edit after entering the domains to select the Action per entry.
- For each blacklisted domain, click + to add a domain to the Block List.
- Click Save.
- Click Send Changes and Activate.
You can now apply the URL Filter policy object to selected Application Rules. For more information, see How to Create an Application Rule.