How to restrict access to Twitter.com for all users but allow access to a single Twitter account

How to restrict access to Twitter.com for all users but allow access to a single Twitter account

642
Created On 09/21/22 03:51 AM - Last Modified 11/07/25 20:44 PM


Objective


Block all Twitter access for all users but allow access to a single Twitter account.

Environment


  • All firewall VM or HW based
  • All PANOS version
  • SSL Forward Proxy Decryption

Procedure


1. Create custom URL Category, Web GUI -> Objects -> Custom Objects -> URL Category -> twitter allow (example name) 
          Custom-URL-Category-for-Single-Twitter-account

Hint: Using browser developer tool, add all URLs seen from dev tools to the custom URL Category when accessing the single Twitter account.

2. Create URL Filtering Profile, Web GUI -> Objects -> Security Profile -> Add the custom URL Category created in Step #1.  

 URL-Filtering-Profile-twitter-allow        
 2.1. Under the Predefined Categories, select "social-networking", define actions as "block" and "block". 

URL-Filtering-Profile-block-social-networking

3. Create the security policy and place it on top of other policies to ensure the policy will be hit first. In the security policy rule, under Application Tab, add "twitter", under Service/URL Category add "service-http" and "service-https" in the Service section. Lastly, in the Action tab, select the URL Filtering Profile in the Profile Setting.

Security-Policy-Rule-Action

4. Lastly configure SSL decryption and enable it for the source and destination zones.
 

Additional Information



Knowledge Based Article:  Twitter images are blocked even when allowing Twitter.com

Admin Guide:  URL Category Exceptions

 
Other users also viewed:
Actions
  • Print
  • Copy Link

    https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA14u000000wlbtCAA&lang=en_US&refURL=http%3A%2F%2Fknowledgebase.paloaltonetworks.com%2FKCSArticleDetail