Symptoms:

• Web Content filter not working
• Web Content filter not blocking sites using MSN Web Cache
• Web Content filter not blocking sites using Yahoo Web Cache
• Web Content filter not blocking sites using Google Web Cache

Facts:

• 3CRX506DV-96
• 3CRX5DV-U-96
• 3CRX5DV-25-96
• 3CRTPX5
• 3CRTPX506
• 3CRTPX505

Cause: The problem stems from two aspects of the behavior of the current search engines:

• a.) Returning cached pages. These no longer appear to come from the original site, so the categorization is undermined.
• b.) Returning thumbnail images or other image content from search that may be undesirable. Safe search goes some way here but not necessarily as far as wanted.

Fix: The basic approach is to define Custom filters to block desired traffic :

For a:

Define some Custom Filter patterns in each web filter profile on the X to block the return of cached pages.

For b:

• Block the Photo Search category in the URL subscription service
• From testing, this will block almost everything. However a web page can only have one category. Some of the search engines (notably Yahoo) have to be rated as Search even though they do images too. This means you need the custom filters too.
• Add some specific Custom Filter patterns in each web filter profile for images or thumbnails.

The effect of this will be that a click on a cached link on the search results will return the custom block page. The thumbnails or images on the search engine will also not display.

The patterns to use are different for each search engine. This means there is always the risk of the pattern changing or new search engines being found. In addition please be aware that it is possible (but unlikely) there will be false blocks from these patterns if other legitimate URLs happen to have the same strings in them. If that occurs, add a Permit pattern for the specific site in question as a permit always overrides a block.

The X series Firewall always checks permit rules first before blocks. Always ensure there is not a custom permit filter, or a category permitting access to the web site if the block is not working. For example, if you allow Photo Search category, none of the custom filters will fire. The best way to do check is to enable logging on the web filter firewall rule. Then look at the Firewall Session Log entries to see why the URL is being allowed. This will show the category allowing it, or whether it was a custom Permit pattern.

— David Gonzalez 2021/04/08 11:26