URL Filtering Test Pages
Symptom
- You have installed a new URL filtering or Advance URL filtering license and wanted to test if the URL filtering is working correctly.
- You wanted to debug the security policy and needed some test URLs to visit to verify if the URL filter and security policy are working correctly.
Environment
- Any PAN-OS( Advance URL filtering only works with PAN-OS 9.0 and above)
- Palo Alto Firewall.
- URL Filtering.
Cause
- How do I test whether our URL Filtering service properly enforces my organization’s policies for malicious and benign URLs?Palo Alto Networks provide these test URL pages whenever a new category is added.
Resolution
The testing has been done on a category based.
- Benign categories: Visit the website to see if the designed policy is logged and enforced. You will see harmless categories like webmail, sports, and shopping.
- Non-benign (Gray, malware, and phishing area): For testing Gray areas such as adult or restrictive sites, it is not advisable to visit them. Palo Alto Networks has created test URLs for all categories. These testing URLs are 100% benign and have been categorized into their respective categories for testing purposes.
- For example, For the command-and-control category, the URLs is http://urlfiltering.paloaltonetworks.com/test-command-and-control . You will see respective logs; the following "blocked-continue page" will be displayed if the policy is configured as block-continue access to command-and-control categorized.
- Another example, For social networking, you can visit: https://urlfiltering.paloaltonetworks.com/test-social-networking, and if your policy is to allow access to this category, you will see the following result. ( decryption needed for HTTPS sites that have patterns like /test-social-networking)
URLs can have four categories Risk level, content, Function, and Security Assessment, as defined below with examples. We have test URLs for all the cases.
- Risk level( high risk, medium or low risk)
- Content (i.e., motor vehicles)
- Function/Behavior (i.e., personal-sites-and-blogs)
- Security Assessment (i.e., Newly Registered Domain, malware, phishing)
- Test pages for low, medium, and high-risk categories:
http://urlfiltering.paloaltonetworks.com/test-low-risk
http://urlfiltering.paloaltonetworks.com/test-medium-risk
http://urlfiltering.paloaltonetworks.com/test-high-risk
- Test pages for malicious categories:
http://urlfiltering.paloaltonetworks.com/test-malware
http://urlfiltering.paloaltonetworks.com/test-phishing
http://urlfiltering.paloaltonetworks.com/test-command-and-control
http://urlfiltering.paloaltonetworks.com/test-ransomware (Refer Ransomware )
- Test pages for newly registered domains:
https://urlfiltering.paloaltonetworks.com/test-newly-registered-domains
- Test pages non-malicious categories:
http://urlfiltering.paloaltonetworks.com/test-abortion
http://urlfiltering.paloaltonetworks.com/test-abused-drugs
http://urlfiltering.paloaltonetworks.com/test-adult
http://urlfiltering.paloaltonetworks.com/test-alcohol-and-tobacco
http://urlfiltering.paloaltonetworks.com/test-auctions
http://urlfiltering.paloaltonetworks.com/test-business-and-economy
http://urlfiltering.paloaltonetworks.com/test-computer-and-internet-info
http://urlfiltering.paloaltonetworks.com/test-content-delivery-networks
http://urlfiltering.paloaltonetworks.com/test-copyright-infringement
http://urlfiltering.paloaltonetworks.com/test-dating
http://urlfiltering.paloaltonetworks.com/test-dynamic-dns
http://urlfiltering.paloaltonetworks.com/test-educational-institutions
http://urlfiltering.paloaltonetworks.com/test-entertainment-and-arts
http://urlfiltering.paloaltonetworks.com/test-extremism
http://urlfiltering.paloaltonetworks.com/test-financial-services
http://urlfiltering.paloaltonetworks.com/test-gambling
http://urlfiltering.paloaltonetworks.com/test-games
http://urlfiltering.paloaltonetworks.com/test-government
http://urlfiltering.paloaltonetworks.com/test-hacking
http://urlfiltering.paloaltonetworks.com/test-health-and-medicine
http://urlfiltering.paloaltonetworks.com/test-home-and-garden
http://urlfiltering.paloaltonetworks.com/test-hunting-and-fishing
http://urlfiltering.paloaltonetworks.com/test-insufficient-content
http://urlfiltering.paloaltonetworks.com/test-internet-communications-and-telephony
http://urlfiltering.paloaltonetworks.com/test-internet-portals
http://urlfiltering.paloaltonetworks.com/test-job-search
http://urlfiltering.paloaltonetworks.com/test-legal
http://urlfiltering.paloaltonetworks.com/test-military
http://urlfiltering.paloaltonetworks.com/test-motor-vehicles
http://urlfiltering.paloaltonetworks.com/test-music
http://urlfiltering.paloaltonetworks.com/test-news
http://urlfiltering.paloaltonetworks.com/test-nudity
http://urlfiltering.paloaltonetworks.com/test-online-storage-and-backup
http://urlfiltering.paloaltonetworks.com/test-parked
http://urlfiltering.paloaltonetworks.com/test-peer-to-peer
http://urlfiltering.paloaltonetworks.com/test-personal-sites-and-blogs
http://urlfiltering.paloaltonetworks.com/test-philosophy-and-political-advocacy
http://urlfiltering.paloaltonetworks.com/test-private-ip-addresses
http://urlfiltering.paloaltonetworks.com/test-proxy-avoidance-and-anonymizers
http://urlfiltering.paloaltonetworks.com/test-questionable
http://urlfiltering.paloaltonetworks.com/test-real-estate
http://urlfiltering.paloaltonetworks.com/test-recreation-and-hobbies
http://urlfiltering.paloaltonetworks.com/test-reference-and-research
http://urlfiltering.paloaltonetworks.com/test-religion
http://urlfiltering.paloaltonetworks.com/test-search-engines
http://urlfiltering.paloaltonetworks.com/test-sex-education
http://urlfiltering.paloaltonetworks.com/test-shareware-and-freeware
http://urlfiltering.paloaltonetworks.com/test-shopping
http://urlfiltering.paloaltonetworks.com/test-social-networking
http://urlfiltering.paloaltonetworks.com/test-society
http://urlfiltering.paloaltonetworks.com/test-sports
http://urlfiltering.paloaltonetworks.com/test-stock-advice-and-tools
http://urlfiltering.paloaltonetworks.com/test-streaming-media
http://urlfiltering.paloaltonetworks.com/test-swimsuits-and-intimate-apparel
http://urlfiltering.paloaltonetworks.com/test-training-and-tools
http://urlfiltering.paloaltonetworks.com/test-translation
http://urlfiltering.paloaltonetworks.com/test-travel
http://urlfiltering.paloaltonetworks.com/test-unknown
http://urlfiltering.paloaltonetworks.com/test-weapons
http://urlfiltering.paloaltonetworks.com/test-web-advertisements
http://urlfiltering.paloaltonetworks.com/test-web-hosting
http://urlfiltering.paloaltonetworks.com/test-web-based-email
http://urlfiltering.paloaltonetworks.com/test-cryptocurrency
http://urlfiltering.paloaltonetworks.com/test-grayware
- List of test malicious categories for Advanced URL Filtering:
http://urlfiltering.paloaltonetworks.com/test-real-time-detection-command-and-control
http://urlfiltering.paloaltonetworks.com/test-real-time-detection-malware
http://urlfiltering.paloaltonetworks.com/test-real-time-detection-phishing
http://urlfiltering.paloaltonetworks.com/test-real-time-detection-grayware
Additional Information
Notes:
- All the above links also work with HTTPS connections. Replace http:// with https://.
- For HTTPS sites, decryption is needed.
- If the website is malicious from SNI, decryption is not needed to action it.
URL 192.168.178.30 35.223.6.162 tcp block-url urlfiltering.paloaltonetworks.com/test-weapons weapons ( Session decrypted, HTTP provided urlfiltering.paloaltonetworks.com/test-weapons )