Simple deny rules can block access only to specific servers and ports, however it is often necessary to block HTTP traffic based on URL webpage. In that case proxy deny rule is used.
In order to create proxy deny rule you need to go to user or group’s profile page, open tab “rules and restrictions” and choose “add > proxy deny rule”.
In URL field you can assign one or more addresses in the following format:
mail.ru
– domain mail.ru and all its subdomains. Domain supermail.ru won’t be blocked.*mail.ru
- all domains ending with mail.ru. Domain supermail.ru will be blocked.mail*
- all domains starting with mail and their subdomains. Domain pupermail.ru won’t be blocked.*mail*
- all domains including the word mail./banner
- all addresses with the path starting with /banner, /banner/images, /banner/1.gif, etc. Addresses with path /banner123 won’t be blocked./banner*
- all addresses with the path starting with /banner, /banner/images, /banner/1.gif, etc. Addresses with path /banner123 will be blocked./*banner
- all addresses with path including the word banner. Addresses with path /somebanner123 won’t be blocked./*banner*
- all addresses with path including the word banner. Addresses with path /somebanner123 will be blocked.|www
– addresses starting with «www».mp3|
- addresses ending with «mp3».|ya.ru|
- only address «ya.ru»/regular expression/
- addresses corresponding to the specified regular expressionbannerexchange.*:8080/images/*gif
– all files in «gif» format in Images folder on sites containing bannerexchange name on port 8080 will be blocked.The same as in «Deny rule» you can specify particular IP address of the user as a source and define a rule time duration.
Instead of a single URL you can create a list of them joined into categories. To do that click [..] to the right from “URL destinations”. You will see a list of available categories.
Using categories you can deny specific words in user searches.
To create an exception for proxy deny rule you can use proxy allow rule.