Options
Can HTTP HTTPS proxy /webblocker filter on source address ?
I have web servers that we have found traffic from google proxy's that are accessing our sites bypassing geoblocking. If we could leverage the category for webblocker for proxy services on inbound that would resolve this for us.
0
Sign In to comment.
Comments
Hi @BMD011
WebBlocker doesn't run on inbound proxies as the request is just coming from an IP address. We don't get to see the signed certificate of the server or the DNS request, so there's not really a great way to determine the hostname of the server. Reverse DNS is also problematic here because it's not generally accurate for large services like google.
If you know the IP ranges that you'd like to block, you can do so by making a deny policy directly above your inbound allow policy for your webserver(s).
-James Carson
WatchGuard Customer Support