Blocking Sub-Domain Access in BorderManager
Novell Cool Solutions: Tip
By Craig Johnson
Digg This -
Posted: 26 Sep 2007
A Forum reader recently asked:
"I been observing that sub-domains can be accessed when the main domain is blocked. For example, content.movies.myspace.com can be access when www.myspace.com is in the ACL list as blocked. Can wildcards be used like when filtering file extensions? Will *.myspace.com work as a filter?"
And here's the response from Craig Johnson ...
Yes, wildcards can, and should, be used in access rules. It is typical to have entries like these:
(These would both be in the same rule, though you would think the second rule would cover all bases).
Note that you can't use a https rule - it will be ignored. You can, however, use a port 443 rule blocking a domain, and some people here have reported success with a rule like www.domain.com:443/*.
Novell Cool Solutions (corporate web communities) are produced by WebWise Solutions. www.webwiseone.com