Articles Articles Most Popular Articles Most Popular Articles Most Helpful Articles Most Helpful Articles
Advanced Search
DrillDown Icon Table of Contents Back
 . . . . . . . . . . . . .
DrillDown Icon What's New
DrillDown Icon Knowledge Base Information
DrillDown Icon Cyberoam UTM
DrillDown Icon Product Literature
DrillDown Icon Best Practices & Policies
DrillDown Icon Protect Your Cyberoam Appliances from Power Fluctuations
DrillDown Icon Version 10.x
DrillDown Icon Cyberoam Maintenance
DrillDown Icon FAQ's
DrillDown Icon How To
DrillDown Icon Anti Spam
DrillDown Icon Anti Virus
DrillDown Icon Authentication
DrillDown Icon Clients
DrillDown Icon Content Filtering
DrillDown Icon Block Browser-based File Transfer
DrillDown Icon Allow Only Specific YouTube Videos
DrillDown Icon Block Gmail Web Chat
DrillDown Icon Import Domain Names and Keywords into Custom Web Filter Category
DrillDown Icon Block High Risk Applications with Cyberoam’s Proactive Protection Model
DrillDown Icon Implement Content Filtering on IM Applications
DrillDown Icon Configure Web Filter Policy
DrillDown Icon Update Web Category Database
DrillDown Icon Allow File Category Access to a Specific WebSite
DrillDown Icon Apply Schedule on a Specific Web Category in Cyberoam
DrillDown Icon Block File Transfer Between Yahoo/MSN Users
DrillDown Icon Block Internet Download Manager (IDM) in Cyberoam
DrillDown Icon Block Compressed Files on SMTP Traffic
DrillDown Icon Block Email Attachments Over SMTP
DrillDown Icon Block Facebook in Skype
DrillDown Icon Block Video Files in Cyberoam
DrillDown Icon Block LinkedIn Applications in Cyberoam
DrillDown Icon Block Facebook Applications in Cyberoam
DrillDown Icon Block a Specific File Type in Web Category in Cyberoam
DrillDown Icon Block P2P Applications in Cyberoam
DrillDown Icon Allow Specific URL from Blocked Category
DrillDown Icon Block URL for Specific User
DrillDown Icon Block HTTP/HTTPS Upload
DrillDown Icon Block Webcam Between Yahoo/MSN Users
DrillDown Icon Deny IM Login for Yahoo / MSN Users
DrillDown Icon Block Conversation Between Yahoo/MSN Users
DrillDown Icon Firewall
DrillDown Icon Identity-based Policies
DrillDown Icon IPS
DrillDown Icon Logs & Reports
DrillDown Icon Multiple Gateway - Load Balancing and Failover
DrillDown Icon Quality of Service (QoS)
DrillDown Icon Registration
DrillDown Icon Routing
DrillDown Icon SSL VPN
DrillDown Icon System
DrillDown Icon Users and Groups
DrillDown Icon Virtual LANs
DrillDown Icon VPN
DrillDown Icon Web Application Firewall (WAF)
DrillDown Icon Wireless LAN
DrillDown Icon Configure Wireless WAN
DrillDown Icon TroubleShooting
DrillDown Icon Visio Stencils
DrillDown Icon Glossary
DrillDown Icon Product Technical Support
DrillDown Icon Compatibility
DrillDown Icon Cyberoam Virtual UTM
DrillDown Icon Endpoint Data Protection
DrillDown Icon Cyberoam SSL VPN
DrillDown Icon Cyberoam iView
DrillDown Icon Cyberoam Central Console
DrillDown Icon Cyberoam's On-Cloud Management Service
  Email This ArticlePrintPrint Current Article and All Sub-Articles
Rate Icon Rate Icon Rate Icon Rate Icon Rate Icon
 
Block HTTP/HTTPS Upload

Applicable to version - 10.00 build 302 onwards

Requirement

Block Upload over HTTP and HTTPS

Prerequisite

Web and Application Filter module subscribed

Solution

The entire configuration is to be done from Web Admin console. Access Web Admin console with user having “Administrator” profile.

Follow the below given steps to block upload over HTTP and HTTPS.

Step 1. Enable HTTPS scanning

Please check Cyberoam version before you continue as this is version specific step.
 
All versions up to 10.00.0302

Log on to Telnet Console and go to option 4, and type the following command: set service-param HTTPS scanning on.

This would enable HTTPS scanning.

For all versions above 10.00.0309, by default HTTPS scanning is enabled, hence go to step 2.

Step 2: Add Web filter policy

Go to Web Filter --> Policy --> Policy and click “Add” button to create a Web Filter Policy “DenyHTTPUpload”.
 
 
 
 

Parameters

Value

Name

DenyHTTPUpload

Template

Allow All

Note* - “Allow all” Template is selected to allow entire traffic except HTTP/HTTPS upload

Enable Reporting

Enable
 
 
 

Click ‘OK’ button to create a Web Filter Policy.
 
 
 
 
On successful creation of web filter policy, click ‘Add’ button to add web filter policy rule.
 
 

Parameters

Value

Category Type

Web Category

Category

HTTPUpload

HTTP and HTTPS Action

Deny

Schedule

All the Time
 
 
 

Click Add button and the Web Filter policy rule will be created successfully as shown in the below snapshot:
 
 
 

The above Web filter policy when implemented through firewall rule, will block HTTP upload.
 

Step 3: Add Firewall rule

To block HTTPS upload, Cyberoam needs to inspect SSL content of HTTPS traffic. For this, enable HTTPS scanning through the firewall rule.

Go to Firewall à Rule and click on “Add” button to add firewall rule.
 
 

Parameters

Value

Name

LAN_WAN_AnyTraffic

Network/Host

Any/Any

Services

Any

Schedule

All the time

Action

Accept

Apply NAT

Enable

NAT policy - MASQ

Web Filter

DenyHTTPUpload (created in step 2)

AV & AS Scanning

HTTPS
 
 
 
 
 

Note:

When SSL content inspection for HTTPS traffic is enabled on Cyberoam, the web browsers will prompt a warning message if the Certificate Authority (CA) for the default certificate used by the Cyberoam SSL inspection is not known by the browser.  For this, you need to import Cyberoam SSL Proxy certificate in Internet Explorer and Firefox Mozilla for decryption on SSL Inspection. 

Please refer to the article Cyberoam CA Certificate Management for more information.
 
 
                                                                                                                                                      Document Version: 1.0- 09/09/2010
 
 
 
Attachments
File Icon How To - Block Upload over HTTP and HTTPS.pdf
Article ID: 1707
   Copyright © 2013 Cyberoam Technologies Pvt. Ltd.
All rights reserved.		 Knowledge Base Software
Powered By: NovoSolutions, Inc.