How to block specific version of web browser using App rule
03/26/2020 1094 11963
This article describes how the App rule feature in the Sonicwall UTM appliance is used to block Specific version of Browsers. Application Firewall can be used to block specific versions of any web browser. An application object that allows enumeration of the various textual strings that can be used to match the name various browsers use to identify themselves. This information is contained in the User-Agent header of an HTTP GET request.
For Example , To block a specific Internet Explorer version.
1. Login to the Sonicwall Management interface.
2. Navigate to Firewall | Match. Click on Add New Match Object . Select the match object type as HTTP User Agent
Enable Negative Matching: Enabling Negative Matching for an application object and then using such object in a policy would create a policy that will perform a specified action , which allows only the specified version and blocks all other versions.
1. Navigate to the Firewall | App rule 2. Click on the Add New Policy button 3. In the Application Firewall Policy Settings window enter the following:
Policy Name: Block IE version 8.0
Policy Type: HTTP Client
Address Source: Any
Address Destination: Any
Service Source: Any
Service Destination: HTTP
Exclusion Address: None
Application Object:(select the Application Object created earlier)
Users/Groups Included: All
Users/Groups Excluded: None
Schedule: Always on
Enable Logging: Checked
Log individual object content: Unchecked
Log Redundancy Filter: Use Global Settings checked
Connection Side: Client Side
Direction (Basic): Both
How to Test:
Open the cIE 8.0. A “This webpage is not available / the page cannot be displayed” error will be displayed on the browser.