Fortigate Web Filter Syntax

For the Fortigate Web Filtering I'm trying to figure out the proper syntax to open whitelist a domain.
Even if that domain has more path behind it.

For example both www.mydomain.com and www.mydomain.com/business/advertising/prices.pdf

I watched the Fortinet video, and it shows the URL filter should be: *mydomainname.com  "wildcard" "Exempt"
but that does not work at all.

I tried *.mydomainname.com and that works for the main page, but not the remainder of the path. (it get blocked by a web filter category)

Thanks!
DrPingAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

FideliusCommented:
Hello,

If you choose type "Simple", you can put just www.mydomain.com 
It will also allow www.mydomain.com/business/advertising/prices.pdf

If you want type "Wildcard", you can put wildcard on begining, end or both:
www.mydomain.com*
*mydomain.com*
*mydomain.com

I have it configured in all above ways for different type of sites.
I'm running FortiOS 5.2.1

Regards!
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
btanExec ConsultantCommented:
Agree with Fidelius. It can be either
To control access to all pages with a URL that ends with example.com, add example.com to the filter list. For example, adding example.com controls access to www.example.com, mail.example.com, www.finance.example.com, and so on
or
Control access to all URLs that match patterns created using text and regular expressions (or wildcard characters). For example, example.* matches example.com, example.org, example.net and so on.
URL filtering uses a black list approach. That is, all sites are allowed, except those that are blocked. Note also the list entries are processed from top to bottom. Note it is specific to the pattern of the URL stated. However, more commonly if you wanted to be specific on Web Site only (not URL) then you can use Web Site Filter instead for www.domain.com though you can achieve in URL filter too but need to be careful on the pattern declaration. Side note, you can even drill into Web Content filter..

But do take note as shared in docs(pdf) when using Exempt
When you add a URL pattern to a URL filter list and apply the Exempt action, traffic sent to and replies traffic from sites matching the URL pattern will bypass all antivirus proxy operations. The connection itself inherits the exemption. This means that all subsequent reuse of the existing connection will also bypass all antivirus proxy operations. When the connection times out, the exemption is cancelled.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Networking Hardware-Other

From novice to tech pro — start learning today.