Kerio Tech 6 Manual Do Utilizador

Chapter 12

HTTP and FTP filtering

148

An appropriate protocol inspector is activated automatically unless its use is denied by

traffic rules. For details, refer to chapter

Connections must not be encrypted. SSL encrypted traffic (HTTPS and FTPS protocols)

cannot be monitored. In this case you can block access to certain servers using traffic

rules (see chapter

FTP protocols cannot be filtered if the secured authentication (SASO) is used.

Both HTTP and FTP rules are applied also when the WinRoute’s proxy server is used (then,

condition 1 is irrelevant). However, FTP protocol cannot be filtered if the parent proxy

server is used (for details, see chapter

). In such a case, FTP rules are not applied.

If the proxy server is used (see chapter

), It is also possible to filter HTTPS servers (e.g.

https://secure.kerio.com/

). However, it is not possible to filter individual objects at

these servers.

12.2 URL Rules

These rules allow the administrator to limit access to Web pages with URLs that meet certain

criteria. They include other functions, such as filtering of web pages by occurrence forbidden

words, blocking of specific items (scripts, active objects, etc.) and antivirus switch for certain

pages.

To define URL rules, go to the URL Rules tab in Configuration → Content Filtering → HTTP
Policy.

Figure 12.1

URL Rules

Rules in this section are tested from the top of the list downwards (you can order the list

entries using the arrow buttons at the right side of the dialog window). If a requested URL

passes through all rules without any match, access to the site is allowed. All URLs are allowed

by default (unless denied by a URL rule).

Note: URLs which do not match with any URL rule are available for any authenticated user

(any traffic permitted by default). To allow accessing only a specific web page group and block