Configuring an HTTP Policy

http policies define which web pages are allowed or denied there is also filtering for http logs the main url is configured in the previous section this section addresses how to configure the http policy to allow or deny the pages under the main url for example, if the main url is “facebook com,” policies are only applicable to facebook com and its sub urls to configure http policies in kron pam navigate to policy > policy click the blue add button and a pop up will appear select the policy key tab as http policy and click save fill in the description and http rule type if needed; turn on url based rule | header based rule | content based rule a create an http policy by filling in the fields as described below field description description enter the description of the web page the description is only a name to distinguish the web page type allow allowed sub urls under the main url should be configured as allow deny if the admin wants to deny one of the sub urls of an allowed url, the url to be denied should be configured as deny filter log this field filters the http logs that are defined in this field this is a tool to avoid unnecessary logs multiple policies it is possible to apply more than one http policy to a web page in this scenario, the http proxy checks the deny criteria first if the requested web page matches the deny criteria, http proxy denies the web page; otherwise, it checks for the allow criteria if the requested page matches the allow criteria, http proxy allows the web page; otherwise, http proxy denies the web page logging all denied criteria are logged indisputably as for the allowed criteria, http proxy checks if it is configured in the filter log if not, the allowed logs are stored as well url to deny specific sub urls under the main url, admins must specify these sub urls here the url can be a) exact , b) contains , c) regex, and d) is empty admins can select a) the exact url can be entered as is b) contains to restrict all urls which contain specific words c) regex to define urls by regex d) is empty if the sub url is empty even if the main url is configured as a device, as outlined in the previous section, it should be allowed in the http policy as well generally, regex is used to allow the main url and all sub urls another policy can be defined to deny the sub urls that should be denied header name a sub web page can be restricted by a header the header name should be written here, and the keywords should be defined in the header field header the header option is used if an admin user wants to restrict the web page with a keyword in the header the header name of the keyword should be configured in the header name field it can be selected as a) exact , b) contains , c) regex, and d) is empty content web pages can also be denied due to a word in the web page content it can be selected as a) exact , b) contains , c) regex, and d) is empty