How to allow/block some categories on Youtube
Article ID: 166283
Updated On:
Products
ProxySG Software - SGOS
Issue/Introduction
Resolution
Prerequisites
- SSL interception must be enabled. See articles How to configure SSL proxy to intercept HTTPS traffic for an explicit deployment using a self-signed certificate? and 000008716
- Youtube categorization must be enabled under Content filtering –General- Youtube (checked)
Resolution
Add a CPL layer in VPM as a last layer in your policy order and following CPL code (for allowing categories, in this example we added Travel and Education but you can add more)
<ssl-intercept>url.domain=youtube.com ssl.forward_proxy(https) ssl.forward_proxy.issuer_keyring(default) ; this will enable SSL intercept only for youtube domain<Proxy>ALLOW condition=Combined_youtube_cat
DENY condition=YT_URLS url.regex="v=" condition=YT_URLS ALLOWdefine condition YT_URLSurl.domain=youtube.comurl.domain=ytimg.comurl.domain=googlevideos.comurl.substring=crossdomain.xmlenddefine condition Combined_youtube_cat
url.application.name=YouTube category=(Travel,Education)
endFor denying category in Youtube and allowing everything else use following code
<ssl-intercept>
url.domain=youtube.com ssl.forward_proxy(https) ssl.forward_proxy.issuer_keyring(default)<Proxy>
Deny condition=Combined_youtube_cat
condition=YT_URLS ALLOWdefine condition YT_URLS
url.domain=youtube.com
url.domain=ytimg.com
url.domain=googlevideos.com
url.substring=crossdomain.xml
enddefine condition Combined_youtube_cat
url.application.name=YouTube category=(Entertainment)
endAt the time of writing this article we put domains that were part of the youtube.com web site. But it is possible that youtube will change this and in that case you will have to run policy trace and find if youtube.com added some new domain that didn’t exist at the time of writing this article.
How to enable policy trace? See 000011161
Feedback
Yes
No
Powered by
