FortiGuard web filter categories to block child sexual abuse and terrorism
Web filter categories 83 (Child Sexual Abuse, formerly Child Abuse) and 96 (Terrorism) can be used to enforce blocking and logging the Internet Watch Foundation (IWF) and Counter-Terrorism Internet Referral Unit (CTIRU) lists, respectively.
To create a web filter profile to block the Child Sexual Abuse and Terrorism categories in the GUI:
-
Go to Security Profiles > Web Filter and click Create New.
-
Enter a name for the new filter, such as webfilter-demo.
-
In the category table, in the Potentially Liable section, set the Action for the Child Sexual Abuse and Terrorism categories to Block.
-
Configure the remaining settings as required.
-
Click OK.
To create a web filter profile to block category 83 (Child Sexual Abuse) and 96 (Terrorism) in the CLI:
config webfilter profile edit "webfilter-demo" config ftgd-wf unset options config filters ... edit 83 set category 83 set action block next edit 96 set category 96 set action block next ... end end next end
To test the web filter:
-
Use the web filter profile in a policy.
-
On a device that is connected through the FortiGate and that uses the policy, visit the test URLs for each category:
http://wfurltest.fortiguard.com/wftest/83.html
http://wfurltest.fortiguard.com/wftest/96.html
-
Log in to the FortiGate, and go to Log & Report > Web filter to view the logs for the blocked websites.