Advanced filters 1

This topic gives examples of the following advanced filter features:

Block malicious URLs discovered by FortiSandbox

This setting blocks malicious URLs that FortiSandbox finds. Your FortiGate must be connected to a registered FortiSandbox.

For information on configuring FortiSandbox, see Using FortiSandbox with antivirus.

To block malicious URLs discovered by FortiSandbox in the GUI:
  1. Go to Security Profiles > Web Filter and click Create New, or edit an existing profile.
  2. In the Static URL Filter section, enable Block malicious URLs discovered by FortiSandbox.

  3. Click OK.

To block malicious URLs discovered by FortiSandbox in the CLI:
config webfilter profile
    edit "webfilter"
        config web
            set blocklist enable
        end
    next
end

Allow websites when a rating error occurs

If you do not have a FortiGuard license, but you have enabled services that need a FortiGuard license (such as FortiGuard filter), then you will get a rating error message.

Use this setting to allow access to websites that return a rating error from the FortiGuard Web Filter service.

To allow websites with rating errors in the GUI:
  1. Go to Security Profiles > Web Filter and click Create New, or edit an existing profile.
  2. In the Rating Options section, enable Allow websites when a rating error occurs.
  3. Click OK.

To allow websites with rating errors in the CLI:
config webfilter profile
    edit "webfilter"
        config ftgd-wf
            set options error-allow
        end
    next
end

Rate URLs by domain and IP address

If you enable this setting, in addition to only sending domain information to FortiGuard for rating, the Fort