Incoming Proxy - Deny Specific Page
I have a case where I want to allow access to an internal web site, but need to restrict just one page (can't be done on the server, must be done on the firewall). The case is where Static NAT is being used to redirect HTTPS request from the external IP to an Internal server. However, I want the page /admin to be restricted. So, for example, https://myserver.mydomain.com should be able to be accessed but https://myserver.mydomain.com/admin should be restricted. I've tried multiple permutations in the Proxy, from matches on the domain names to deny anything that has "admin" in it, to inspecting anything if the rule does not match, and then in the HTTP Proxy Action portion, denied it again when admin was in the URL. I've tried exact match, Pattern match and Regular Expressions all with no luck. Any advice is appreciated.
Rich.
Comments
Use Inspect on this web site, and on the HTTP proxy action on your incoming HTTPS proxy, use URL Paths to deny access to /admin exact match
Turn on Logging on URL Paths Not Matched during testing just in case...