This article applies to:
Symptoms:
- Unable to block parts of HTTPS Web sites.
- You have a rule set up to block a path within a HTTPS site, such as https://www.website.com/page/, but the rule does not block the site.
Causes:
In current WebMarshal versions, if HTTPS Content Inspection is enabled and inspection is enabled for a site in rules, you can enter and check path information for HTTPS web sites in WebMarshal URL categories that you use in Standard and Content Analysis rules.
Because secure sites are encrypted, if inspection is not enabled, WebMarshal can only see the name of the site, not the full path. All path information and page content is encrypted.
If you do not have HTTPS inspection enabled for a site, enter only the site name in categories.
Important notes:
- HTTPS Rules do not use path information. If you use URL Categories to limit the sites that are inspected, any URL entries with path parts will be ignored.
- Standard and Content Analysis rules use the path information for HTTPS sites only if HTTPS rules trigger inspection of the site content.
- For example to grant specific users access to limited paths in Google Docs:
- Ensure HTTPS rules are set up to inspect requests from those users to https://docs.google.com
- Add a URL Category to hold the specific URLs within Google Docs that you want to control
- Use this URL Category in Standard or Content Analysis rules, combined with user matching or other conditions.
Note:
See also article Q12708: WebMarshal warning pages redirect HTTPS to the base server address
- This article was previously published as:
- NETIQKB29188
- Marshal KB236
