RM Logo
Technical Rating: 
Support Home PageSupport
Print This PagePrint This Page
Add to 'My Library' Add to 'My Library'

How to use web rules in RM SafetyNet
Published Date : 27 Aug 2015   Last Updated : 16 Mar 2017   Content Ref: TEC4699540  





Procedure

Using web rules

In your establishment's filter lists you can create your own web rules to allow or deny URLs that users attempt to access. If a match is found between your rule text and a URL then the relevant action (allow or deny) is taken.

The simplest and most efficient type of web rule is a domain rule, which checks for matches against domain names in URLs that users attempt to access. For example, you might create a rule to deny access to thrillseekers.com, which would deny access to all websites in which the domain name thrillseekers.com appears in the URL in the correct position (i.e. immediately before the first single forward slash (/)).

Alternatively, you can use wildcards to match specific strings of characters anywhere in a URL. For example, you might enter *friends* to look for the term friends anywhere in any URL that users try to access. Please bear in mind that wildcard rules are less precise than domain rules and if you are not careful you may unintentionally deny access to websites that you want to allow and allow access to websites that you want to deny.


How to create a web rule
  1. Click the Web Access Policy icon in the menu bar at the top of any page.
  2. Click the 'Your rules' tab.
  3. From the 'List to edit' drop-down menu, select the filter list in which you want to add the new rule and ensure the 'Web rules' tab is selected.
  4. Click Add Web Rule.
  5. In the New Web Rule window, enter the text for the new rule.
    • You can enter multiple different rules on separate lines if you want, in order to create a number of rules at the same time - though these rules will all share the same rule type and comment.
    • If you don't use any wildcards, then your entered text will be treated as a domain rule and RM SafetyNet will look for matches against the text that immediately precedes the first single forward slash (/) in URLs.
    • If you do enter one or more wildcards, then RM SafetyNet will look for matches anywhere in URLs.
      Note: For details about the syntax of web rules, refer to the 'Syntax for web rules' section below. For examples of web rules and guidance on best practice, please refer to the sections below.
  6. Select the type of rule: 'Deny access' or 'Allow access'.
  7. Enter a comment if required. Comments can be useful, as you can sort the list of rules on the Comments column. For example, for all rules that you create to deny social networking websites, you could add a comment starting with 'Social Networking. This would make it easy to re-sort the rules list to group together all such rules.
  8. Click 'Create rule'.

How to edit a web rule
  1. Click the Web Access Policy icon in the menu bar at the top of any page.
  2. Click the 'Your rules' tab. 
  3. From the 'List to edit' drop-down menu, select the list that contains the rule you want to edit and under the Show option ensure that 'Web rules' is selected.
  4. Tick the box to select the rule you want to edit and click Edit. (A clickable Edit icon is also displayed if you hover over the rule.)
  5. In the Edit Web Rule window, make the required changes to the rule text. You can also edit the Type of rule and Comment if required.
  6. Click 'Update rule'.

How to delete a web rule
  1. Click the Web Access Policy icon in the menu bar at the top of any page.
  2. Click the 'Your rules' tab. 
  3. From the 'List to edit' drop-down menu, select the list that contains the rule you want to delete and under the Show option ensure that 'Web rules' is selected.
  4. Tick the box to select the rule you want to delete and click Delete. (A clickable Delete icon is also displayed if you hover over the rule.)
  5. Click OK to confirm the deletion.

Syntax for web rules

Web rules check for matches against URLs that users attempt to access. If a match is found then the relevant action (allow or deny) is taken.
Note: Before you start creating web rules, you need to understand what a URL, domain name and host name are.

There are three general types of web rules:

  • Domain rule: If you know the domain name that you want to deny or allow, you can set a domain rule. For more details, see the 'Domain rules' section below.
  • Host rule: This is very similar to a domain rule but it includes an entire host name. For more details, see the 'Host rules' section below.
  • Wildcard rule: If you don't know the precise host name or domain name that you want to deny or allow, you can use wildcards. For more details, see the 'Wildcard rules' section below.

Note: All web rules are case insensitive. It does not matter whether you enter terms in upper case or lower case, or a mixture of the two - the effect will be the same. In this article, we show all example rules in lower case.


Domain rules

In a domain rule you simply enter the domain name that you want to allow or deny. The rule will check for the presence of this domain name within the URL that the user is trying to access. It will deny or allow all URLs where the specified domain name appears immediately before the first single slash (/) in the URL.

Here are some examples of domain rules:

  • toyshop.com
  • boyfriend.co.uk
  • downloadmusic.net
  • org.uk

You can also include a full or partial path in a domain rule and RM SafetyNet will look for a match against the domain name followed by as much of the path as you provide. This enables you to allow or deny access to a particular folder, page or file.

Here are some examples:

  • toyshop.com/shop
  • boyfriend.co.uk/links/messages.htm
  • gameshop.net/catalogue.pdf

Host rules

In a host rule you simply enter the host name that you want to allow or deny. The rule will check for the presence of this host name within the URL that the user is trying to access.
Note: RM SafetyNet cannot actually distinguish between domain rules and host rules. It does not need to do so as both types of rule operate in exactly the same way. RM SafetyNet checks backwards from the first slash character (/) in the URL and if it finds a match against a domain rule or host rule then the relevant allow or deny action is taken.

Here are some examples of host rules:

  • www.toyshop.com
  • mail.boyfriend.com.uk
  • share.downloadmusic.net
  • www.myschool.org.uk

As with domain rules, you can also include a full or partial path in a host rule and allow or deny access to a particular folder, page or file.

Here are some examples:

  • www.toyshop.com/shop
  • mail.boyfriend.co.uk/links/messages.htm
  • www.gameshop.net/catalogue.pdf

Wildcard rules

If you are not sure of the precise domain name or host name you want to permit or deny, or you want a more wide ranging rule, then you can use wildcards. The wildcards you can use are ? (for a single character) or * (for a string of characters).

As soon as you include a wildcard in a rule, the entire URL will be assessed, instead of just the domain name or host name (unless you use a hostname wildcard rule - see the 'Host name wildcard rules' section below).

Wildcard rules can be very powerful, but bear in mind that they are less precise than domain and host rules and may have a more wide ranging effect than you intend, so you need to use them with care. For example, the following deny wildcard rule will deny access to all websites containing the character string sex in the URL:

  • *sex*

However, the drawback of this rule is that it will also match against and deny access to URLs that contain perfectly innocent strings such as middlesex, unisex and sextant. If access to sites containing these terms is important to you, you would also need to set specific allow rules to override the deny rule, thus:

  • *middlesex*
  • *unisex*
  • *sextant*

One very useful purpose to which you can put wildcard rules is to deny access to certain file types. For example, to deny access to .m4p files, you can specify the following deny wildcard rule:

  • *.m4p

Here are some more examples of wildcard rules:

  • *friendspace*
  • *e??tasy*
  • www.????girl*

Host name wildcard rules

In a host name wildcard rule, you include wildcards in the rule but also include a colon (:) at the end, to indicate that you want the rule to be applied only to the host name within the URL, not the entire URL.

Here are some examples:

  • *myspace*:
  • *e??tasy*:
  • www.????girl.com:

Qualified wildcard rules

You can use a qualified wildcard rule to apply a wildcard rule to the path for a specified host name only. The rule consists of a host name wildcard rule immediately followed by a normal wildcard rule. If and only if a match is found with the host name, the following wildcard rule is applied to the path.

Here are some examples:

  • *google*:*sex*
  • www.????girl.com:*jpg

Important: Domain rules and host rules must never include a wildcard. As soon as you include a wildcard in a web rule, RM SafetyNet treats it as a wildcard rule and wildcard rules behave very differently from domain rules and host rules.



FEEDBACK
Did the information in this article help answer your question?
 Yes
 No
Please add any comments about this article in the box below. If you answered No then it is important you tell us why so that we can change the article if required. We can only respond if you log in to the RM Support website or provide your contact details. Note: If you need help with a technical query, please log a call online or telephone our support team.
Thank you for your feedback, which is sent directly to the RM Knowledge team. We address every message received with the intention of improving our Knowledge Library articles. If you have an unresolved technical issue, please contact RM Support.


If this article has not helped provide a solution then it is also possible to log a call...



Document Keywords: safeynet, safety net, filtering, webrules, URL, rules


Please read - important disclaimer information.
http://www.rm.com/_RMVirtual/Includes/csredirect.asp?cref=&title=Standard Content Disclaimer


Top Of PageTop of page