I have started creating a custom ruleset on my father’s computer, and as usual started by blocking everything by denying access to the Executables and Applications groups. However, upon activating the wifi adapter I got a DHCP address and could access a few very specific sites (e.g.: Comodo’s, google.com, youtube.com, mozilla.org) with any of the browsers installed, but not to others (like amazon.com). I thought this could be caused by the Website Filtering feature, so I disabled it but the behavior did not change.
How can I disable whatever grants this domain (or url) based access so the rules being created take precedence over this (to me) strange defaults. The same rules work as I would expect on v5, which I still run on an old win7 pc.
you must add in exclusions terms… for example:
in group block:
NOTE: Is need setting all domains in exclusions, for example:
in microsoft.com is used domains akamai, so we must add setting akaimai and other sites external, in comodo.com, google an others have than configure the apis, to sites than acess…
Sorry my english, if not understood wait devs (developers) :-TU
Hi, thanks for taking the time to write an answer, but even if I don’t understand exclusions to what it is you are referring to, I don’t think it applies to my case.
I’m not looking to actively and completely block these domains, but rather for them to be accessible only through the processes intended (by me) to do so, as opposed to any executables not included in the custom ruleset.
I just need to make the custom rules be the “dominant” grantee regarding internet access.
For example, i add (*.exe , *.php , *.css…) in rule create of name “block” (this prevent download and loading correct of sites), so we have than add in exclusions (urls of sites inside and out of pages)…
NOTE: Filter web block or allow urls configured, this is good becouse allow acess in sites blocking only elements than you, i… add in settings filter web…
Sorry my english
Ok, just to be clear… “block” and “exclusion” are not CIS options but custom rules?
If so that’s exactly what I was doing and the problem I posted originally is that there’s already the equivalent of a “block all” rule, and despite not having any “exclusion” rule yet, these domains were accessible anyway.
I need to know what is it that either overrides or takes precedence over the custom rules so I can disable or reconfigure it.
You need to enable IPv6 filtering as it is disabled by default and rules are processed from top to bottom so make sure they are listed at the top.
It was the IPv6 filtering disabled.
Thanks a lot!