Jump to content

URL blocking HTTPS doesn't work


speakerbox

Recommended Posts

Hi,

We've applied a policy setting to block batch files from being downloaded using URL address management. Policy set as per:

https://help.eset.com/eea/7/en-US/idh_config_epfw_scan_http_address_list.html

I've added "*/*.bat" to list of blocked addresses.

Now this seems to work fine on all browsers when the URL is HTTP but if the URL is HTTPS, it only seems to be blocked/working on IE. Chrome and Edge at least are not blocked and the user is able to browse the link ending .bat.

SSL/TLS protocol filtering is enabled.

Any idea why HTTPS URL blocking doesn't appear to work on Chrome and Edge?

Thanks

Link to comment
Share on other sites

  • Administrators

Blocking by file extensions will not work if the extension is not at the end of  url. Please provide an example of a url that wasn't blocked.

Link to comment
Share on other sites

Yes the link we're testing ends in bat:

hxxp://www.cyberessentials.guru/guest/testfiles/hello2.bat

 

This is where we see the problem between http which blocks fine and https which only blocks in IE which is strange. On the same browser on the pc if we change the above link to https it doesn't block on chrome or Edge. 

Link to comment
Share on other sites

Yes that doesn't work i'm afraid. Still works fine if the link starts with HTTP and ends in bat but if it starts with HTTPS and ends in bat it doesn't do anything an allows the downloads. 

Link to comment
Share on other sites

Sorry that was just a random URL, we've been using various URLS. For example:

https://gallery.technet.microsoft.com/Turn-off-screen-4d173e0a/file/147696/1/Turn off Screen.bat

 

I think I’ve manged to identify the problem however, completely bizarre but on my test PC – the HTTPS URL was only blocked after I cleared cache and cookies in Edge (I done this after testing InPrivate browsing which worked and blocked immediately).

So I think ESET or Edge must have cached my test URL’s (Which I visited before adding the URL blocks) in some form and the act of clearing cache in edge resolved immediately. We confirmed this on another PC which had successfully visited the URL’s before I added the file extension, clearing cache then allowed the block to work immediately.

Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...