URL filtering

Malware is often distributed by malicious or infected sites and uses the so called "drive-by download" method of infection. URL filtering allows you to protect your machines from threats like malware and phishing coming from the Internet. You can block the access to websites that may have malicious content.

URL filtering also allows you to control the web usage in order to comply with external regulations or internal company policies. You can configure different access policies for more than 40 website categories.

Currently, the HTTP and HTTPS connections from Windows machines are checked by the protection agent.

The URL filtering feature requires an Internet connection to function.

Conflicts might occur if URL filtering is used in parallel with third-party antivirus solutions that also use URL filtering features. You can determine the statuses of other installed antivirus solutions through Windows Security Center.
If a compatibility or performance issue occurs, uninstall the third-party solution or disable the URL filtering module in your protection plans

How it works

A user follows a link or enters a URL in the address bar of a browser. The Interceptor fetches the URL and sends it to the protection agent. The protection agent parses the URL, checks the database, and then returns a verdict to the Interceptor. If the URL is forbidden, the Interceptor blocks the access to it and notifies the user that it is not allowed to see this content.

To configure the URL filtering

Create a protection plan with the URL filtering module enabled.
Configure the URL filtering settings (see below).
Assign the protection plan to the machines that you want.

To check which URLs have been blocked, go to Dashboard > Alerts.

URL filtering settings

The following settings can be configured for the URL filtering module.

Malicious website access

Specify which action will be performed when a user tries to open a malicious website:

Block – The access to the malicious website will be blocked and an alert will be generated.
Always ask user – The user will be asked to choose whether to proceed to the website or to go back.

Categories to filter

There are 44 website categories for which you can configure the access policy. By default, the access to websites from all categories is allowed.

	Website category	Description
1	Advertising	This category covers domains whose main purpose is to serve advertisements.
2	Message boards	This category covers forums, discussion boards, and question-answer type websites. This category does not cover the specific sections on company websites where customers ask questions.
3	Personal websites	This category covers personal websites, as well as all types of blogs: individual, group, and even company ones. A blog is a journal published on the World Wide Web. It consists of entries (“posts”), typically displayed in reverse chronological order so that the most recent post appears first.
4	Corporate/business websites	This is a broad category that covers corporate websites that typically do not belong to any other category.
5	Computer software	This category covers websites offering computer software, typically either open-source, freeware, or shareware. It may also cover some online software stores.
6	Medical drugs	This category covers websites related to medicine/alcohol/cigars that have discussions on the use or selling of (legal) medical drugs or paraphernalia, alcohol, or tobacco products. Note that illegal drugs are covered in the Narcotics category.
7	Education	This category covers websites belonging to official educational institutions, including those that are outside of the .edu domain. It also includes educational websites, such as an encyclopedia.
8	Entertainment	This category covers websites that provide information related to artistic activities and museums, as well as websites that review or rate content such as movies, music, or art.
9	File sharing	This category covers file-sharing websites where a user can upload files and share them with others. It also covers torrent-sharing websites and torrent trackers.
10	Finance	This category covers websites belonging to all banks around the world that provide online access. Some credit unions and other financial institutions are covered as well. However, some local banks may be left uncovered.
11	Gambling	This category covers gambling websites. These are the “online casino” or “online lottery” type website, which typically requires payment before a user can gamble for money in online roulette, poker, blackjack, or similar games. Some of them are legitimate, meaning there is a chance to win; and some are fraudulent, meaning that there is no chance to win. It also detects “beating tips and cheats” websites that describe the ways to make money on gambling and online lottery websites.
12	Games	This category covers websites that provide online games, typically based on Adobe Flash or Java applets. It does not matter for detection whether the game is free or requires a subscription, however, casino-style websites are detected in the Gambling category. This category does not cover: Official websites of companies that develop video games (unless they produce online games) Discussion websites where games are discussed Websites where non-online games can be downloaded (some of them are covered in the Illegal category) Games that require a user to download and run an executable, like World of Warcraft; those can be prevented by different means like a firewall
13	Government	This category covers government websites, including government institutions, embassies, and office websites.
14	Hacking	This category covers websites that provide the hacking tools, articles, and discussion platforms for hackers. It also covers websites offering exploits for common platforms that facilitate Facebook or Gmail account hacking.
15	Illegal activities	This category is a broad category related to hate, violence and racism, and it is intended to block the following categories of websites: Websites belonging to terrorist organizations Websites with racist or xenophobic content Websites discussing aggressive sports, and/or promoting violence
16	Health and fitness	This category covers websites associated with medical institutions, websites related to disease prevention and treatment, websites that offer information or products about weight loss, diets, steroids, anabolic or HGH products, as well as websites providing information on plastic surgery.
17	Hobbies	This category covers websites that present resources related to activities typically performed during an individual’s free time, such as collecting, arts and crafts, and cycling.
18	Web hosting	This category covers free and commercial website hosting services that allow private users and organizations to create and publish web pages.
19	Illegal downloads	This category covers websites related to software piracy, including: Peer-to-peer (BitTorrent, emule, DC++) tracker websites that are known in helping to distribute copyrighted content without the copyright holder's consent Warez (pirated commercial software) websites and discussion boards Websites providing users with cracks, key generators, and serial numbers to facilitate the use of software illegally Some of these websites may also be detected as pornography or alcohol/cigars, since they often use porn or alcohol advertisements to earn money.
20	Instant messaging	This category covers instant messaging and chat websites that allow users to chat in real-time. It will also detect yahoo.com and gmail.com since they both contain an embedded instant messenger service.
21	Jobs/employment	This category covers websites presenting job boards, job-related classified advertisements, and career opportunities, as well as aggregators of such services. It does not cover recruiting agencies or the “jobs” pages on regular company websites.
22	Mature content	This category covers the content that was labeled by a website creator as requiring a mature audience. It covers a wide range of websites from the Kama Sutra book and sex education websites, to hardcore pornography.
23	Narcotics	This category covers websites sharing information about recreational and illegal drugs. This category also covers websites covering development or growing drugs.
24	News	This category covers news websites that provide text and video news. It strives to cover both global and local news websites; however, some small local news websites may not be covered.
25	Online dating	This category covers online dating websites – paid and free - where users can search for other people by using some criteria. They may also post their profiles to let others search them. This category includes both free and paid online dating websites. Because most of the popular social networks can be used as online dating websites, some popular websites like Facebook are also detected in this category. It's recommended to use this category with the Social networks category.
26	Online payments	This category covers websites offering online payments or money transfers. It detects popular payment websites like PayPal or Moneybookers. It also heuristically detects the webpages on the regular websites that ask for the credit card information, allowing detection of hidden, unknown, or illegal online stores.
27	Photo sharing	This category covers photo-sharing websites whose primary purpose is to let users upload and share photos.
28	Online stores	This category covers known online stores. A website is considered an online store if it sells goods or services online.
29	Pornography	This category covers websites containing erotic content and pornography. It includes both paid and free websites. It covers websites that provide pictures, stories, and videos, and it will also detect pornographic content on mixed-content websites.
30	Portals	This category covers websites that aggregate information from multiple sources and various domains, and that usually offer features such as search engines, e-mail, news, and entertainment information.
31	Radio	This category covers websites that offer Internet music streaming services, from online radio stations to websites that provide on-demand (free or paid) audio content.
32	Religion	This category covers websites promoting religion or a sect. It also covers the discussion forums related to one or multiple religions.
33	Search engines	This category covers search engine websites, such as Google, Yahoo, and Bing.
34	Social networks	This category covers social network websites. This includes MySpace.com, Facebook.com, Bebo.com, etc. However, specialized social networks, like YouTube.com, will be listed in the Video/Photo category.
35	Sport	This category covers websites that offer sports information, news, and tutorials.
36	Suicide	This category covers websites promoting, offering, or advocating suicide. It does not cover suicide prevention clinics.
37	Tabloids	This category is mainly designed for soft pornography and celebrity gossip websites. A lot of the tabloid-style news websites may have subcategories listed here. Detection for this category is also based on heuristics.
38	Waste of time	This category covers websites where individuals tend to spend a lot of time. This can include websites from other categories such as social networks or entertainment.
39	Traveling	This category covers websites that present travel offers and travel equipment, as well as travel destination reviews and ratings.
40	Videos	This category covers websites that host various videos or photos, either uploaded by users or provided by various content providers. This includes websites like YouTube, Metacafe, Google Video, and photo websites like Picasa or Flickr. It will also detect videos embedded in other websites or blogs.
41	Violent cartoons	This category covers websites discussing, sharing, and offering violent cartoons or manga that may be inappropriate for minors due to violence, explicit language, or sexual content. This category doesn't cover the websites that offer mainstream cartoons such as “Tom and Jerry”.
42	Weapons	This category covers websites offering weapons for sale or exchange, manufacture, or usage. It also covers the hunting resources and the usage of air and BB guns, as well as melee weapons.
43	Email	This category covers websites that provide email functionality as a web application.
44	Web proxy	This category covers websites that provide web proxy services. This is a “browser inside a browser” type website when a user opens a web page, enters the requested URL into a form, and clicks “Submit”. The web proxy site downloads the actual page and shows it inside the user browser. These are the following reasons this type is detected (and might need to be blocked): For anonymous browsing. Since requests to the destination web server are made from the proxy web server, only its IP address is visible and if the server administrators trace the user, the trace will end on web proxy – which may or may not keep logs necessary to locate the original user. For location spoofing. User IP addresses are often used for profiling the service by the source location (some national government websites may only be available from local IP addresses), and using those services might help the user to spoof their true location. For accessing prohibited content. If a simple URL filter is used, it will only see the web proxy URLs and not the actual servers that the user visits. For avoiding company monitoring. A business policy might require monitoring employee Internet usage. By accessing everything through a web proxy, a user might escape monitoring that will not provide correct information. Since the SDK analyzes the HTML page (if provided), and not just URLs, for some categories the SDK will still be able to detect the content. Other reasons, however, cannot be avoided just by using the SDK.

If you enable the Show all notifications for blocked URLs by categories check box, the notifications for blocked URLs by categories will be shown in the tray. If a website has several sub-domains, notifications are also generated for them, therefore their number may be significant.

Exclusions

URLs that are known as safe can be added to the list of the trusted URLs. URLs that represent a threat can be added to the list of the blocked URLs.

To add a URL to a list

In the URL filtering module of a protection plan, click Exclusions.
Select the desired list: Trusted or Blocked.
Click Add.
Specify the URL or IP address, and then click the check mark.

Examples of URL exclusions:

If you add xyz.com as trusted/untrusted, all addresses in the xyz.com domain will be treated as trusted or untrusted depending where you want to add it.
If you want to add a specific subdomain, you can add mail.xyz.com as trusted/untrusted, and this will not cause all the xyz.com addresses to be trusted or untrusted.
If you want to add IPv4 to be trusted/untrusted, the following format has to be used to be valid: 20.53.203.50.
If you want to add several URL exclusions at the same time, make sure to add each entry on a new line:

acronis.com

mail.xyz.com

20.53.203.50