This article applies to organisations with a 'Hybrid' setup (both On-Premise Appliance and Cloud), as well as On-Premise only and Cloud only setups.
When reporting on web usage or checking Web Filter Policies, you may find that access to certain websites or apps is allowed when it should be blocked. This article will help you find out why and then block access.
Tip
To block access to most content, consider a Walled Garden setup.
Check if Filtering applies from Cloud or On-Premise Appliance
Use Web Filter Logs (go to Reports > Realtime or Logs > Web filter) to see if web traffic is passing through the On-Premise Appliance.
- If no traffic appears but the Realtime Log Viewer shows results, filtering is applied by Cloud Filter. Skip to Web Filter Policies.
- If traffic appears, filtering is applied by On-Premise Appliance. Skip to Web Filter Policies.
- If no traffic appears and Cloud Filter is not filtering, traffic is not being filtered. Follow the steps below.
Remove bypasses and exceptions (On-Premise Appliance only)
- Prevent QUIC to ensure web traffic is filtered.
- Block VPNs that bypass filtering, such as Psiphon and Tor.
- Remove any Web Filter exceptions from Guardian > Web filter > Exceptions.
- Turn on Block advanced proxy bypass attempts.
- Set up a HTTPS Inspection Policy to make websites encrypted over HTTPS visible to filtering.
Your Web Filter Policies will then apply to block the website. If access is still allowed, follow the Web Filter Policies section below.
Web Filter Policies
Check the default Web Filter Policies
Categories are used to group URLs, domains, search phrases, file types, video IDs and even countries (for example .ru).
Smoothwall has built-in Blocklist Categories to prevent access to undesirable content through the default Web Filter Policies. You can check whether a website is included in one of these categories.
If you believe content has been categorised incorrectly, let us know through our Feedback Form.
Manage your Allow Web Filter Policies
If your organisation has created an Allow Web Filter Policy and placed this above the default Web Filter Policies, access is allowed. Using the Policy Tester, check whether you have any Allow or Default Web Filter policies set up to allow access to this website.
- Delete the Allow Web Filter Policy if it’s not needed to keep other content accessible.
- If you need to keep the Web Filter policy, remove the website from the Category, or remove the Category from the policy.
- You can also reorder your Web Filter Policies to apply them differently.
Add a Block Web Filter Policy
If a website isn’t part of our built-in Blocklist Categories, you can create your own.
- Create a Custom Category.
- Create a new Web Filter Policy, with your Custom Category in the What field, with the Action as Block.
- Order this Block policy above any Allow Web Filter Policies.
Tip
Ensure the Web Filter Policy has the Action of Block, not just Block in the policy name.