Unable to block uploads from wetransfer.com

The SafeSquid Data Loss Prevention module was introduced to restrict end users from uploading sensitive or critical information outside the corporate network, to prevent data leakage. (Policy Based Upload Control)
India sakshidalvi
Posts: 15
Joined: Thu Jun 03, 2021 9:42 am


Post by sakshidalvi » Tue Jun 15, 2021 1:25 pm

The problem: I was trying to do checkpoint 5 from basic client scenarios (Upload Control). The task was to block uploading from all websites except for a list of websites (I gave them the Exception category). Following are the policies and profiles I made for the same.
Policies and profiles.png
DLP policy:
dlp policy.png
However, after this, when I opened images.google.com and tried to upload any image, it was blocked by SafeSquid.
images.google.com blocked.png


Re: Unable to block uploads from wetransfer.com

Post by sakshidalvi » Tue Jun 15, 2021 1:26 pm

When I tried to upload a file on wetransfer.com, it uploaded successfully even though it wasn't in the exception category.
wetransfer uploading.png
Then I checked the detailed logs and found that images.google.com was using the "file upload" request type. However, wetransfer.com was not using the "file upload" request type:
images.google has file upload category.png
wetransfer did not have file upload category.png


Re: Unable to block uploads from wetransfer.com

Post by sakshidalvi » Tue Jun 15, 2021 1:27 pm

To solve the same, I created a custom request type for wetransfer, and under content type I used application/json, which was seen in the detailed logs.
created custom request type.png
My policies and profile after creating the custom request type:
policies and profile after custom request type.png
After this, when I tried uploading on wetransfer.com, it didn't go through and I got the following error, and when I placed wetransfer.com in the EXCEPTION category I was able to upload the file.
after custom request wetransfer upload got bloked.png
I just wanted to ask you if this is the correct way to solve the problem?

India aashish97
Posts: 117
Joined: Sat Jul 06, 2019 10:45 am

Re: Unable to block uploads from wetransfer.com

Post by aashish97 » Wed Jun 16, 2021 4:36 am

Hello Sakshi,

There are a lot of flaws in finding the root cause of the problem...
If you look closely, not all images.google.com requests will have File Upload added as `Request Type`,
i.e. not all requests to any website will have File Upload.

Secondly, why did you add Content-Type: application/json as wetransfer?
How did you come to the conclusion that adding that will help?

By going with the current policy, a lot of other web applications will not work, regardless of whether File Upload is happening or not.


Re: Unable to block uploads from wetransfer.com

Post by sakshidalvi » Wed Jun 16, 2021 10:23 am

I found in the detailed logs that wetransfer.com was using Content-Type: application/json when I uploaded any file to it.
To limit the request type to only wetransfer.com, I added wetransfer.com to the host of the request type so that other web applications using application/json will not get blocked.
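
A simplified model of the three policy states discussed in this thread, added here as an example; it is not part of any post and is not SafeSquid's own matching logic. The `RequestType`, `host_in` and `evaluate` names, the `api.example.org` host, and the assumption that the built-in "file upload" type keys on `multipart/form-data` are all illustrative.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Request:  # constructed sample request, not a real log record
    host: str
    method: str
    content_type: str

@dataclass(frozen=True)
class RequestType:  # hypothetical model of a request-type entry
    name: str
    content_type: str  # matched as a prefix of the Content-Type header
    host: str = ""     # empty means "any host"

    def matches(self, req: Request) -> bool:
        if req.method != "POST":
            return False
        if not req.content_type.lower().startswith(self.content_type):
            return False
        return not self.host or host_in(req.host, {self.host})

def host_in(host: str, domains) -> bool:
    """True if host equals, or is a subdomain of, any listed domain."""
    return any(host == d or host.endswith("." + d) for d in domains)

# Assumption: the built-in "file upload" type keys on browser form uploads.
FILE_UPLOAD = RequestType("file upload", "multipart/form-data")
JSON_ANY = RequestType("custom (any host)", "application/json")
JSON_WT = RequestType("custom (wetransfer)", "application/json", "wetransfer.com")

SAMPLES = [  # constructed traffic
    Request("images.google.com", "POST", "multipart/form-data; boundary=x"),
    Request("wetransfer.com", "POST", "application/json"),
    Request("api.example.org", "POST", "application/json"),  # unrelated web app
]

def evaluate(blocked_types, exceptions=frozenset()):
    """Verdict per sample host: exception hosts bypass the block rule."""
    verdicts = {}
    for req in SAMPLES:
        hit = any(t.matches(req) for t in blocked_types)
        blocked = hit and not host_in(req.host, exceptions)
        verdicts[req.host] = "BLOCK" if blocked else "ALLOW"
    return verdicts

if __name__ == "__main__":
    print(evaluate([FILE_UPLOAD]))            # original policy
    print(evaluate([FILE_UPLOAD, JSON_ANY]))  # unscoped JSON type
    print(evaluate([FILE_UPLOAD, JSON_WT]))   # host-scoped JSON type
```

In this model the host-scoped type still blocks every JSON POST to wetransfer.com, whether or not a file is being uploaded.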
