Overview
In the content filter, Kerio Control defines the types of web activities that are allowed by users' PCs on your network. The content filter uses Kerio Control Web Filter and Application awareness.
This filtering on different network layers is easily configured by a single set of rules.
The content filter allows setting limitations based on URL, worldwide website classification database, forbidden words, and filenames. It can also be used to filter access to certain FTP servers, enforce SafeSearch, eliminate P2P networks.
Prerequisites
- Traffic must be controlled by the HTTP / FTP / POP3 protocol inspector. The HTTP, FTP, and POP3 protocol inspectors have been activated automatically unless their use is denied by traffic rules.
- Kerio Control performs URL based filtering for encrypted traffic (HTTPS protocol). Learn more in a special article HTTPS filtering specifics.
- Secured FTP traffic (FTPS, SFTP) cannot be filtered.
- Content rules are also applied when Kerio Control's proxy server is used. However, the FTP protocol cannot be filtered if the parent proxy server is used. In such case, content rules are not applied.
Note: Kerio Control does not apply content rules to the reverse proxy traffic.
Solution
Configuring content rules
The Content Rules table includes several predefined rules.
Each rule is compound from several parts. Each part is represented with a column in the Content Rules table. Here there are the most important parts of each rule:
- Detected content defines what types of content to filter.
- A source is a person or IP address to which the rule applies.
- Action describes what to do with the selected content.
In the Content Filter table, you can see:
- Checkboxes which enable/disable rules (1)
- Short descriptions of each rule (2)
- Rules are greyed out when they are inactive(3). Kerio Control Web Filter or the application awareness feature is inactive on the Content Filter > Applications and Web Categories tab.
- The default rule allows all content (4)
- Green color highlights allowing rules (5)
- Red color highlights denying and dropping rules (6)
- The rule order is important. Use the arrows to adjust the order of rules. For details, see Ordering rules (7)
- Color your own rules for clear arrangement (8)
- More Actions (9) allows you to:
- Duplicate the highlighted rule
- Change the color of the highlighted rule
- Change the description the highlighted rule
- Edit the time range of the highlighted rule
Duplicating content rules
If you want to create a new content rule, try to find a similar one and duplicate it first (click on More Actions -> Duplicate). Duplicating a rule and adjusting some parameters is quicker than creating the new rule.
Adding new rules
- In the administration interface, go to Content Filter.
- On tab Content Rules, click Add.
- In the table, specify the name of the rule in the newly created line.
- Double-click the Detected content column and select what type of content should be filtered.
- Double-click the Source column and select users and/or IP addresses.
- Double-click the Action column and fill in the dialog box (see details in Setting actions)
- (Optional) Set the valid time — you can set a time interval for applying the rule. Create time intervals in Definitions > Time Ranges > then you can select the time interval in the Content Rules table.
- Click Apply.
Detecting content
In the Content Rule - Detected Content dialog box, click:
- Applications and Web Categories — for pages sorted in the selected categories by the Kerio Control Web Filter and the application awareness for pages sorted in the selected categories by the application detection.
- File Name — to allow/disable the transfer of the defined file types.
- URL and Hostname — to type any URL starting with the specified string. It is possible to use wildcards
*
(asterisk) and?
(question mark). - URL Groups — to allow/disable access to a group of web pages.
Rule order
Kerio Control goes through rules from top to down and stops with the first match. Therefore, order the rules from specific to general. The most general rule, Allow other traffic, is created by default and it is placed at the bottom.
You can change the order with:
- Arrows placed on the right side of the window
- Drag&Drop and move rule or more rules with mouse
Unlocking rules
Privileged users can continue to filtered websites if you enable this right for them. Read Setting access rights in Kerio Control for detailed information.
Testing
Adding new URLs for automatic updates
If you start to use new software with the automatic updates option, you must add a new URL to the content filter:
- Go to Content Filter and enable rule Allow automatic updates and MS Windows activation. The rule is based on the Automatic Updates URL group.
- Go to Definitions > URL Groups.
- Click Add.
- In the Add URL dialog, select Select existing > Automatic Updates.
- Type the URL for automatic updates. You can use *, ? or select Use regular expression and type the URL as a regular expression.
Blocking Facebook
For more information, please refer to Blocking Unwanted Sites in Kerio Control.