Allowing Access to View Embedded Vimeo™ Videos

Summary

This article discusses how to allow embedded Vimeo videos without allowing users to access vimeo.com.

Problem

A lot of educational websites embed Vimeo videos into their website, however, if you are blocking the Audio and Video category these videos will be blocked.

Note: The Audio and Video category is included as part of the Core Blocked Content web filter policy, therefore is typically blocked by default.

Solution

Note: You need a HTTPS policy to be implemented for this to work.

    1. To create a new category, go to Guardian > Policy Objects > Categories.
    2. Under Manage categories, enter the name of the new category, for example, Vimeo Allow.
    3. Under Domain/URL filtering, add the following URLs:
      • player.vimeo.com/log
      • player.vimeo.com/crossdomain.xml
      • av.vimeo.com/crossdomain.xml
      • a.vimeocdn.com/p/2.1.18/js/player.js
      • vimeocdn.com
      • a.vimeocdn.com/p/2.1.18/css/player.css
      • player.vimeo.com/play_redirect
      • player.vimeo.com/video/<VIDEO_ID>
      • vimeo.com/_next/viewer

where VIDEO_ID is the unique 9-digit number given to each Vimeo video it forms part of the video's URL. Add this URL for each video you need to allow.

    1. Click Advanced, and then under URL Patterns add the following:
      • vimeo\.com/.*<VIDEO_ID>
        where VIDEO_ID is the unique 9-digit number given to each Vimeo video it forms part of the video's URL. Add this URL for each video you need to allow.
    2. Click Save.
    3. Create another custom category named Vimeo, which will be used in a HTTPS policy.
    4. Under Domain/URL filtering add the following domain:
      • vimeo.com
    5. To set up a Decrypt and Inspect policy, go to Guardian > HTTPS inspection > Policy wizard.
    6. Create a new policy with the following:
      • Who Everyone*
      • What Vimeo
      • Where Everywhere*
      • When Always*
      • Action Decrypt and inspect

Make sure Enable Policy is ticked and click Confirm

    1. Next, set up a Web filter policy in Guardian > Web Filter > Policy wizard:
      • Who Everyone*
      • What Vimeo Allow
      • Where Everywhere*
      • When Always*
      • Action Allow

Make sure Enable Policy is ticked and click Confirm

If Vimeo is not blocked for your organization, you can still use the Vimeo allow category created in step 2 in a block policy to prevent users from accessing vimeo.com but still allow specific embedded videos.

*You should change these based on your own needs.