From time to time, Kerio Control might categorize the website incorrectly, causing the services of that particular website to be blocked. The legit website is being reported as blacklisted and the user receives "access to this page was denied by firewall policy" webpage.
This often happens for Anonymizer, Spam, and Phishing categories.
This article provides an explanation of why this happens and how to work around such a scenario.
The Kerio Control comes with pre-configured Content Rules, that protect users from suspicious websites and activities. Such content rule contains Anonymizer, Botnet, Hacking, Malware, Phishing, Spam, Fraud, Spyware, and other categories.
Once this rule is enabled, the end-users (company employees, etc) will receive the Access Denied page.
Filter logs will show similar output:
DENY [Rule] 'Kerio Control Web Filter categories and applications'
[Connection] ubuntu (192.168.235.11):54818 -> website.co (x.x.x.x):443, HTTPS
[User] ubuntu_vm [Content] Anonymizer - Web Pages website.co/
The website categorization is handled by external service provided by Zvelo. Sometimes, the websites might be miscategorized due to various reasons (website tags, poor SEO, etc). In such scenarios, the miscategorized websites may be reported to Zvelo directly (preferred way) or through Kerio Control Application and Web Categories UI.
- Login to Kerio Control Administration and navigate to Content Filter -> Application and Web Categories tab. Enter the URL of the blocked website and click Test URL.
- Click on "Not happy with this categorization?" and choose the correct category from the list. Click Submit or Submit and add to whitelist.
- The URL suggestion is now reported. If the "Submit and add to whitelist" option was chosen, the website is being added to the whitelist respectively.
- Now as the website was reported, to work around the website denial issue, create a Content Rule to allow access to that specific website.
For more information, please refer to Configuring the Content Filter in Kerio Control.
Ask the end-users to re-open the browser and try to access the website again. The website content should load successfully now.