Fortinet black logo

Cookbook

Home FortiGate / FortiOS 5.4.0 Cookbook

Blocking Facebook with Web Filtering

5.4.0
6.2.16
6.2.15
6.2.14
6.2.13
6.2.12
6.2.11
6.2.10
6.2.9
6.2.8
6.2.7
6.2.6
6.2.5
6.2.4
6.2.3
6.2.2
6.2.0
6.0.0
5.6.0
5.4.0
Copy Link
Copy Doc ID 598118ae-ea1f-11e9-8977-00505692583a:701862
Download PDF

Blocking Facebook with Web Filtering

This recipe explains how to use a static URL filter to block access to Facebook and its subdomains.

By using SSL inspection, you ensure that Facebook and its subdomains are also blocked when accessed through HTTPS.

1. Enabling Web Filtering

Go to System > Feature Select to enable the Web Filter feature.

2. Editing the default Web Filter profile

Go to Security Profiles > Web Filter and edit the default Web Filter profile.

To block Facebook, go to Static URL filter, select URL Filter, and then click Create.

Set URL to *facebook.com. Set Type to Wildcard, set Action to Block, and set Status to Enable.

3. Creating the Web filtering security policy

Go to Policy & Objects > IPv4 Policy, and click Create New. Give the policy a name that identifies its use.

Set Incoming Interface to the internal network and set Outgoing Interface to the Internet-facing interface.

Enable NAT.

Under Security Profiles, enable Web Filter and select the default web filter profile.

Enable certificate-inspection from the dropdown menu. This allows the FortiGate to inspect and apply web filtering to HTTPS traffic.

The new policy has to be first on the list in order to be applied to Internet traffic. Confirm this by viewing policies By Sequence.

To move a policy up or down, click and drag the far-left column of the policy.

4. Results

Visit facebook.com

HTTPS is automatically applied to facebook.com, even if it is not entered in the address bar. A FortiGuard Web Page Blocked! message appears.

Visit a subdomain of Facebook, for example, attachments.facebook.com.

A FortiGuard Web Page Blocked! message appears, blocking the subdomain.

Previous
Next

Related Videos

sidebar video

Cookbook - Blocking Facebook

  • 79,700 views
  • 7 years ago

Blocking Facebook with Web Filtering

This recipe explains how to use a static URL filter to block access to Facebook and its subdomains.

By using SSL inspection, you ensure that Facebook and its subdomains are also blocked when accessed through HTTPS.

1. Enabling Web Filtering

Go to System > Feature Select to enable the Web Filter feature.

2. Editing the default Web Filter profile

Go to Security Profiles > Web Filter and edit the default Web Filter profile.

To block Facebook, go to Static URL filter, select URL Filter, and then click Create.

Set URL to *facebook.com. Set Type to Wildcard, set Action to Block, and set Status to Enable.

3. Creating the Web filtering security policy

Go to Policy & Objects > IPv4 Policy, and click Create New. Give the policy a name that identifies its use.

Set Incoming Interface to the internal network and set Outgoing Interface to the Internet-facing interface.

Enable NAT.

Under Security Profiles, enable Web Filter and select the default web filter profile.

Enable certificate-inspection from the dropdown menu. This allows the FortiGate to inspect and apply web filtering to HTTPS traffic.

The new policy has to be first on the list in order to be applied to Internet traffic. Confirm this by viewing policies By Sequence.

To move a policy up or down, click and drag the far-left column of the policy.

4. Results

Visit facebook.com

HTTPS is automatically applied to facebook.com, even if it is not entered in the address bar. A FortiGuard Web Page Blocked! message appears.

Visit a subdomain of Facebook, for example, attachments.facebook.com.

A FortiGuard Web Page Blocked! message appears, blocking the subdomain.

Previous
Next