Chapter 3 System Administration : Advanced concepts : Blocking HTTP access by IP

Blocking HTTP access by IP
To block a web site using the IP, create a URL filter entry, using the additional information below. Note that this is only effective with HTTP or FortiGate units running Deep Inspection.
You need to create two URL filter entries. The first filter only allowing a text string containing two or more sets of text separated by a period. This is to match the various domain possibilities for web sites, for example:
The second filter blocks any IP address lookup.
To add the URL filter entries
1
Go to UTM Profiles > Web Filter > URL Filter.
2
Select Create New to add a filter group, give it a name and select OK.
3
Select Create New for a new filter.
4
Enter the URL of ^([a-z0-9-]+\.){1,}[a-z]+
5
Set the Type to Regex.
6
Set the Action to Allow.
7
8
Select Create New.
9
Enter the URL of [0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}
10
Set the Type to Regex.
11
Set the Action to Block.
12
Position these at the end of the URL filter list so that any exemptions or blocks before that are still effective.
Both of these filter entries are required. If you only enter the second one, the FortiGate unit will also catch a URL lookup as they both behave in a similar fashion after the URL is resolved to an IP. The first entry is needed to break out of the URL filter and allow the web site before it does the second check if they entered text.

FortiOS Handbook, FortiOS 4.0 MR3
01-431-99686-20110916 · 16 September 2011
© 2011 Fortinet, Inc. All rights reserved.
Latest documentation: http://docs.fortinet.com/
Contact us: http://docs.fortinet.com/contact.html
Feedback: http://docs.fortinet.com/surveyredirect.html