Novell Home

Blocking Sub-Domain Access in BorderManager

Novell Cool Solutions: Tip
By Craig Johnson

Digg This - Slashdot This

Posted: 26 Sep 2007
 

Problem

A Forum reader recently asked:

"I been observing that sub-domains can be accessed when the main domain is blocked. For example, content.movies.myspace.com can be access when www.myspace.com is in the ACL list as blocked. Can wildcards be used like when filtering file extensions? Will *.myspace.com work as a filter?"

And here's the response from Craig Johnson ...

Solution

Yes, wildcards can, and should, be used in access rules. It is typical to have entries like these:

*.domain.com
*.domain.com/*

(These would both be in the same rule, though you would think the second rule would cover all bases).

Note that you can't use a https rule - it will be ignored. You can, however, use a port 443 rule blocking a domain, and some people here have reported success with a rule like www.domain.com:443/*.


Novell Cool Solutions (corporate web communities) are produced by WebWise Solutions. www.webwiseone.com

© 2014 Novell