< Home

Enabling Filtering of External Dynamic Malicious URLs

When the FW is enabled with filtering of external dynamic malicious URLs, the FW matches the requested URL with the external dynamic malicious URL list in the cache. If the URL matches the external dynamic malicious URL list in the cache, the FW directly blocks the URL request. By default, filtering of external dynamic malicious URLs is disabled. The user-defined URL category, external dynamic malicious URL, malicious URL and low-reputation URL are in descending order of priority.

Procedure

  1. Create a URL filtering profile.

    profile type url-filter name name

  2. Enable filtering of external dynamic malicious URLs.

    url-filter ext-url enable

  3. Reference the profile on security policies. For details on how to configure security policies, see Configuring a Security Policy Using the CLI.
  4. Return to the system view and commit the configuration.

    engine configuration commit

    The new or modified security profile does not take effect until you run the engine configuration commit command to commit the configuration. To save time, you can submit the configuration after all operations on the profile are complete.

Configuration Example

<sysname> system-view
[sysname] profile type url-filter name url_profile_01
[sysname-profile-url-filter-url_profile_01] url-filter ext-url enable
[sysname-profile-url-filter-url_profile_01] quit
[sysname] engine configuration commit
Parent Topic: Configuring Filtering of External Dynamic Malicious URL
Copyright © Huawei Technologies Co., Ltd.
Copyright © Huawei Technologies Co., Ltd.
< Previous topic