URL filtering FAQ

Q.     What are the characteristics of URL filtering?

URL filtering filters only URLs that users have entered, for example, wwwbaidu.com/news, and does not filter an HTTP body. In addition, only HTTP URL filtering is supported. To enable URL filtering on HTTPS traffic, you must configure SSL decryption first.

Q.     What are priorities of the actions for blacklist rules, whitelist rules, predefined URL categories, and user-defined URL categories?

·     The actions in descending order of priority are whitelist rules, blacklist rules, user-defined URL categories, and predefined URL categories (with severity levels not edited).

·     For user-defined URL categories, the device matches URLs with these URL categories according to their severity levels.

·     For predefined URL categories, the following rules apply:

¡     For a URL filtering rule used by two predefined URL categories, if both URL categories are used by URL filtering policies or neither of them are used by URL filtering policies, the device matches the predefined URL categories according to their severity levels.

¡     If one predefined URL category is used by a URL filtering policy and the other not, the device first matches the predefined category used by the URL filtering policy.

Q.     What are the limitations of using regular expressions in URL filtering rules?

·     For the device to use a regular expression string to match the hostname field of a URL, the string must be a case-sensitive string of 3 to 224 characters. The string can start with only letters, digits, and underscores (_), and must contain three consecutive non-wildcard characters. In addition, the special characters are supported.

·     For the device to use a regular expression string to match the URI field of a URL, the string must be a case-sensitive string of 3 to 224 characters. The string supports special characters and must contain three consecutive non-wildcard characters.

Q.     How to enter special characters in a regular expression?

To match special characters in regular expressions, you need to add backslashes (\) in front of the special characters. For example, to match a dot (.), enter \. in a Web interface, and enter \\. at the CLI.

Q.     What is cloud query?

When the device receives an HTTP request, it sends the request to the cloud server for query if no match is found among the predefined and user-defined URL categories. The cloud server will look up the URL filtering signature library on the cloud and returns the URL category information for the request. In addition, the query result returned the cloud server will be cached on the device for next queries. The device does not need query from the cloud server until this record is overwritten by another one. If the cache size on the device exceeds the limit, the device will delete oldest records.

All user contexts share the cloud query module with the default context. For contexts, if no match is found among the predefined and user-defined URL categories, the device searches the cached query records. If no matching query record is found, the device will perform cloud query. The cloud query information from the cloud server will be cached to the device for further query for all contexts.

To configure the cloud query server:

<Device> system-view

[Device] url-filter category server 184.37.0.40

Q.     How to block the Baidu or sina website?

The domain names of some websites might be ended with .com.cn, for example, sina.com.cn. To block a website like Sina or Baidu, you can add a blacklist rule to a URL filtering policy to use text string *.baidu.* or *.sina.* for hostname matching.