search cancel

How to allow only specific Twitter page

book

Article ID: 228210

calendar_today

Updated On:

Products

ProxySG Software - SGOS

Issue/Introduction

How to allow only specific twitter Page (i.e. https://twitter.com/Broadcom) and block everything else on twitter?

If user enter twitter.com it should automatically redirect to specific twitter page (i.e. https://twitter.com/Broadcom)

Environment

twitter.com defaults to HTTPS. As a result, for the solution to work, customer environment needs to meet the prerequisite:

1. SSL Intercept is enabled to intercept traffic.

2. Explicit Deployment: Detect Protocol is enabled to hand off the traffic to SSL Proxy

Resolution

The ProxySG can be configured to allow only single twitter page (i.e. https://twitter.com/Broadcom) and block everything else and automatically redirect user to specific twitter page(i.e. https://twitter.com/Broadcom) when twitter.com is accessed. Following is the CPL code for the same.

;==================twitter.com Redirection to Broadcom Twitter Page========================

define condition TWR_Redirect_URLs
url.domain=twitter.com url.path.exact="/"
end

define action TWR_Redirect
redirect(307, ".", "https://twitter.com/Broadcom")
end

<proxy>
url.domain=twitter.com http.method=POST request.header.Referer.url.suffix="twitter.com/" ALLOW
url.domain=twitter.com http.method=GET request.header.Referer.url.suffix="twitter.com/" ALLOW
url.domain=twitter.com url.path.substring="Broadcom" ALLOW
url.domain=twitter.com url.path="/i/api" request.header.Referer.url.suffix="twitter.com/" ALLOW
url.domain=twitter.com url.path="/i/api" request.header.Referer.url.suffix="Broadcom" ALLOW
url.scheme=https condition=TWR_Redirect_URLs action.TWR_Redirect(yes) ALLOW
url.domain=api.twitter.com ALLOW
url.domain=twimg.com ALLOW
url.domain=twitter.com deny


<proxy>
url.domain=twitter.com http.method=CONNECT ALLOW

 

Note: Above mentioned policy can be created and placed into the local policy file. For information on how to install the CPL policy into the local policy file, please see this article for information on how to install policy into the local policy file.

 Disclaimer :  This CPL is provided on an "as-is" basis. Broadcom has no control of, and is not responsible for changes done (or not) by twitter.