Manual URL Filtering Options

There are several ways to specify URLs for manual URL filtering:

Option

Description

(Best practice)

Use custom Security Intelligence URL list or feed objects.

This is the recommended method for manual URL filtering.

You can create a new list or feed, or choose an existing one in an access control or QoS rule.

For more information, see Custom Security Intelligence Lists and Feeds and subtopics.

Use URL objects, individually or as groups. URL objects are described at URL.

Or

Enter URLs directly into the access control rule. (The Enter URL option on the rule page in the web interface.)

If you do not include a path (that is, there are no / characters in the URL), the match is based on the server’s hostname only. If you include one or more / character, the entire URL string is used for a substring match. Then, a URL is considered a match if any of the following are true:

  • The string is at the beginning of the URL.

  • The string follows a dot.

  • The string contains a dot in the beginning.

  • The string follows the :// characters.

For example, ign.com matches ign.com or www.ign.com, but not versign.com.

Note

We recommend that you do not use manual URL filtering to block or allow individual web pages or parts of sites (that is, URL strings with / characters), as servers can be reorganized and pages moved to new paths.

The Enter URL option does not support wildcards.