Allow Google recaptcha while blocking Google site

book

Article ID: 171678

calendar_today

Updated On:

Products

Advanced Secure Gateway Software - ASG ProxySG Software - SGOS

Issue/Introduction

The purpose of this article is to provide a way to allow the Google reCAPTCHA while blocking Google in general.

SSL Interception is a requirement for this process because the reCAPTCHA URLs are within Google sites and the only way for the proxy to have visibility over them is by applying SSL Interception on www.google.com

Resolution

Below is CPL code. We need to create two Web Access Layers as shown below:

 

<Proxy>

                url.domain="www.google.com" http.method=CONNECT Allow

                url.domain="www.google.com" Deny

 

<Proxy>

                condition=reCAPTCHA Allow

 

define condition reCAPTCHA

url.host.exact="www.google.com"           url.path.substring="recaptcha"

url.host.exact="www.google.com"           url.path.substring="xjs"

url.host.exact="www.google.com"           url.path.substring="js"

end

 

Note: The only difference between Explicit and Transparent is that the first rule is not required in Transparent (as there is no CONNECT request)