Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Block incoming URLs

    Scheduled Pinned Locked Moved Firewalling
    2 Posts 2 Posters 1.7k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • 9 Offline
      935main
      last edited by

      I have to open up ports 80 & 443 to an internal exchange server to allow for EAS (Exchange ActiveSync), but I don't want to upen up access to other virtual directories also hosted on the exchange server that also use ports 80 and 443.  Is there any way I can set up a filter on my PfSense box (1.2.3-Release) to allow traffic on 80 and 443 to certain URLs (e.g. /OWA, /Exchange, etc.) but block others (e.g. /Remote, /Secret)?

      Is such a thing possible?  How would I go about doing it?  When I look in the firewall settings, it looks like a port is either fully open or fully closed - there's no possibility of finer-grained filtering at the application level. :(

      Hoping there's a way…

      1 Reply Last reply Reply Quote 0
      • ? This user is from outside of this forum
        Guest
        last edited by

        Its not possible using the firewall, consider using ACLs with your web server, which can be done with IIS.  Alternatively, if you really feel that you need this level of overkill, you can solve this with a reverse proxy like Varnish.  No reason to do this though, ACLs with your web server are the solution.

        1 Reply Last reply Reply Quote 0
        • First post
          Last post
        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.