Applies To:Show Versions
Using Custom URL
Categories and Filters
How can I control traffic to URL
Example policy: User-defined
category-specific access control
How can I block access to URLs?
Example policy: URL filter per user
Overview: Configuring user-defined URL categories and filters
Configuring user-defined URL
- On the Main tab, click.The URL Categories table displays. If you have not created any URL categories, the table is empty.
- ClickCreate.The Category Properties screen displays.
- In theNamefield, type a unique name for the URL category.
- From theDefault Actionlist, retain the default valueBlock; or, selectAllow.A Confirm Box action in a per-request policy subroutine serves the purpose of enabling appropriate choices in a forward proxy (outbound) configuration. Currently, Access Policy Manager does not support a similar action for reverse proxy.
- Add, edit, or delete the URLs that are associated with the category by updating theAssociated URLslist.
- To add URLs to theAssociated URLslist:
These are well-formed URLs:
- In theURLfield, type a URL.You can type a well-formed URL that the system must match exactly or type a URL that includes globbing patterns (wildcards) for the system to match URLs.
- If you typed globbing patterns in theURLfield, select theGlob Pattern Matchcheck box .
- ClickAdd.The URL displays in theAssociated URLslist.
This URL*siterequest.[!comru]includes globbing patterns that match any URL that includessiterequest, except forsiterequest.comorsiterequest.ru.This URL*://siterequest.com/education/*includes globbing patterns that match any HTTP URL that includessiterequest.com/education, but that do not match any HTTPS URLs if Category Lookup specifies that the input is SNI or CN.Subject.For SNI or CN.Subject input, Category Lookup usesscheme:://hostfor matching, instead of matching the whole URL.
- ClickFinished.The URL Categories screen displays.
- To view the newly created URL category, expandCustom Categories.The custom URL category displays in the Sub-Category column.
Configuring URL filters
- On the Main tab, click.You can click the name of any filter to view its settings.On a BIG-IP system with an SWG subscription, default URL filters, such asblock-allandbasic-security, are available. You cannot delete default URL filters.The URL Filters screen displays.
- To configure a new URL filter, click one of these options.
- Createbutton: Click to start with a URL filter that allows all categories.
- Copylink: Click for an existing URL filter in the table to start with its settings.
- In theNamefield, type a unique name for the URL filter.
- ClickFinished.The screen redisplays. An Associated Categories table displays. It includes each URL category and the filtering action that is currently assigned to it. The table includes a Sub-Category column. Any URL categories that were added by administrators are subcategories withinCustom Categories
- Select the actions to take:
The confirm action is not fully supported in a reverse proxy configuration.A Confirm Box action in a per-request policy subroutine serves the purpose of enabling appropriate choices in a forward proxy (outbound) configuration. Currently, Access Policy Manager does not support a similar action for reverse proxy.
- To block access to particular categories or subcategories, select them and clickBlock.When you select a category, you also select the related subcategories. You can expand the category and clear any subcategory selections.
- To allow access to particular categories or subcategories, select them and clickAllow.