View this page in English

Censornet - internet filtering on your terms

BECTA Accredited products VMWare Certified Virtual Appliance Members of the Internet Watch Foundation Shortlisted for the BETT 2008 Awards Computer Security Awards finalist

Chat online now or call +44 (0) 845 230 9590 for help & advice

How are the policies parsed?

July 18, 2011 • Customer Services

Synopsis

This article describes how a policy decides whether to allow or deny a URL.

Article

Synopsis: This article describes how a policy decides whether to allow or deny a URL.

Having chosen upon a policy (see "How do I know which policy is in use?"), the chosen policy is parsed as follows.

Checks the requested URL against the Custom URL module, returning a list of categories the URL matches; this may be none, one or many categories. Once the list of categories has been determined, check to see if the policy is preferring to block over allow or allow over block. In the former case, if any one category defines the URL as blocked, then the request will be blocked. In the latter case, the obverse will be true.
If no decision has yet been reached, check the requested URL against the Content Classifier module. Again, the requested URL could fall into more than one category. Although the checks are carried out as above, if the requested URL is classified as a Dynamic site, then the real time raters will be called if the option "Force real time content analysis" is set (this is the default).
If no rules have matched so far, wait for the response from the upstream proxy, then check the content against the Content Classifier again, this time also analysing content, then the File Type filter, then the MIME Type filter, and finally, the Active Image Control.

What all of this means is that if you want to permit access to all the good information on WikiPedia, but block those pages containing obscene material, you now can. Make sure that your policies have the default options of "Block rules override Allow rules" and "Force real time content analysis" and this is exactly what will happen.

Upload Module

In the case of uploading a file, say through a Web Mail site, then the order of modules is that the Custom URL filter is called first, still taking priority, and the Upload Module is called subsequently. Thus you can permit uploads through a site that you trust, by adding its url to the Custom URL filter, but block uploads anywhere else.

Note: The Upload Module cannot control the upload of files through HTTPS sites unless you have activated the HTTPS Intercept Mode.

Last modified on Mon, July 18, 2011 « Back

Twitter Icon - Click Here To Follow Us

Follow us on Twitter...

Stay up to date with the latest news, special offers and advice from CensorNet on Twitter... we are Tweeting regularly!

Join our mailing list

CensorNet Ltd is a registered company in England & Wales No. 05518629. © 2005-2011 CensorNet Ltd.
CensorNet™ and the 'CensorNet logo' are registered trademarks of CensorNet Ltd. All rights reserved. E&OE.
CensorNet web filtering is certified for VMware ® environments. VMware® is a trademark of VMware Inc.

Tel: +44 (0)845 230 9590 Fax: +44 (0)845 230 9591 Email: Click here to email us
Site Map | Privacy Policy | Terms & Conditions of Sale | Web Site Terms & Conditions

Back to the top