Block Photo/Video Files Upload & Transfer on WhatsApp Web via ProxySG

book

Article ID: 169299

calendar_today

Updated On:

Products

ProxySG Software - SGOS

Issue/Introduction

The objective is to allow browsing WhatsApp web version (URL: https://web.whatsapp.com) but deny Multimedia Files Upload & Transfer operation.

Cause

Further Research Paper from this link (http://dl.ifip.org/db/conf/networking/networking2015/1570062089.pdf) shows that the WhatsApp Upload control and text messages are handled by chat servers associated to the domains {c|d|e}X.whatsapp.net (X is an integer changing for load balancing), whereas multimedia contents are handled by multimedia (mm) servers associated to the domains "mmsXYZ.whatsapp.net" for audio transfer, "mmiXYZ.whatsapp.net" for photo transfers, and "mmvXYZ.whatsapp.net" for videos

Example of Multimedia servers associated to mmiXYZ.whatsapp.net
e.g. https://mmi681.whatsapp.net

23rd July 2019
- done testing in test lab and found the web Whatsapp file sharing (Audio, Video and Photo) are send via https://mmg.whatsapp.net

Resolution

Assume in the web access layer, there is an ALLOW rule that allow access to any destination, apply following Content Policy Language (CPL) script to deny specific URL domains used for file transfer/upload.

define condition WhatsappWebUpload
url.domain="mmg.whatsapp.net" ;;Testing shown Audio, Video and Photo are done via this same URL

end


<Proxy>
condition=WhatsappWebUpload DENY ;;Block WhatsApp Web multimedia files transfer