DotW: URL Wildcard Pattern
Resolution
In this week's DotW, we discuss a specific question one of our members posted in several discussions:
discussion
discussion
User oscaringosv is looking for a way to block URLs that have a specific word pattern/string. In his example, he was looking to match on the word "good".
- He already tried using custom URL categories with wildcards.
- Note that you cannot use regex in custom URL categories.
There are, however, some considerations to take when you want to use wildcards in custom URL categories. Allow me to explain using "good" as an example:
- ww*.good.com
- www.good*.com
Looking for an alternative, user oscaringosv found a discussion with a possible workaround.
https://live.paloaltonetworks.com/t5/General-Topics/block-keywords/m-p/6101#U6101
The above discussion talks about using a signature-based custom application.
While custom applications with signatures can be very useful, they do have minimum requirements. For example, the pattern used must be a minimum of 7 bytes.
More details on how to create custom application signatures and requirements can be found here:
https://live.paloaltonetworks.com/t5/Tech-Note-Articles/Custom-Application-Signatures/ta-p/58625
You can follow both discussions in the links below:
https://live.paloaltonetworks.com/t5/General-Topics/URL-wildcard-Pattern/m-p/136217#U136217
https://live.paloaltonetworks.com/t5/General-Topics/block-keywords/m-p/6101#U6101
Cheers !
-Kim.