How To – Allow Read-Only Access of Facebook
How To – Allow Read-Only Access of Facebook
Applicable Version: 10.00 onwards
Scenario
Allow Read-Only access of Facebook to users such that they can ONLY view their wall and profile. All
other activities are restricted.
Configuration
You must be logged on to the Web Admin Console as an administrator with Read-Write permission
for relevant feature(s).
Step 1: Create a Custom Web Category
Create a Custom Web Category consisting of apps.facebook.com. To create a web category, go to
Web Filter > Category > Category and click Add to create a new category.
How To – Allow Read-Only Access of Facebook
Include the following URLs in the category, as shown below:
Feature to Block
Facebook Apps
Facebook Chat
Facebook Commenting
Facebook Events
Facebook Games
Facebook Mail
Facebook Message
Facebook PhotoUpload
Facebook Post Attachment
Facebook Posting
Facebook Questions
Facebook Status Update
Facebook Video Upload
Click OK to save category.
URL
apps.facebook.com
facebook.com/ajax/mercury/send_messages
facebook.com/ajax/chat
facebook.com/ajax/messaging/typ.php
channel.facebook.com
facebook.com/ajax/ufi/add_comment
facebook.com/events/
apps.facebook.com
facebook.com/ajax/mercury/send_messages
facebook.com/ajax/chat
facebook.com/ajax/messaging/typ.php
channel.facebook.com
facebook.com/messages
facebook.com/ajax/photos/upload/overlay
upload.facebook.com
pixel.facebook.com/ajax/photos
facebook.com/ajax/composerx/attachment/media/upload
facebook.com/ajax/updatestatus.php
facebook.com/ajax/questions/save.php
facebook.com/ajax/updatestatus
facebook.com/ajax/video/upload/simple
pixel.facebook.com/ajax/video/log/upload
facebook.com/ajax/video/upload
How To – Allow Read-Only Access of Facebook
Step 2: Create Web Filter Policy to Block Facebook Applications
Go to Web Filter > Policy > Policy and click Add to create a new Web Filter Policy named
Block_FB_Apps.
Click OK to save the Policy.
Step 3: Configure Rules for Web Filter Policy
Select the Policy ‘Block_FB_Apps’ created in step 3 and click Add to add the Web Filter Policy Rule
according to following parameters.
How To – Allow Read-Only Access of Facebook
Parameter
Category Type
Value
Web Category
Category
FBApps
HTTP Action
HTTPS Action
Schedule
Description
Select Category Type for which the rule is to be added.
The category created in step 1. You can also search
the category name from the search text box provided.
Deny
Select HTTP and HTTPS action.
All the time
Select the Schedule for categories selected.
Click Add to add the rule.
How To – Allow Read-Only Access of Facebook
Click OK to save changes to the policy.
How To – Allow Read-Only Access of Facebook
Step 5: Apply Policy to Firewall Rule or User/User Group
Firewall Rule
You can apply the policy through a Firewall Rule such that it is applied on all traffic that hits on that
rule. Make sure you keep HTTPS scanning enabled to block HTTPS-based Facebook Games. To
create a Firewall Rule, go to Firewall > Rule > Rule and click Add. As shown below, apply the Policy
created in step 1.
Click OK to create the Firewall Rule.
Note:
When you enable HTTPS scanning, the web browsers prompt a warning message if the Certificate
Authority (CA) for the certificate used by the Cyberoam SSL inspection is not known by the browser.
For this, install the SSL CA Certificate in your browser. Refer to the article SSL CA Certificate
Installation Guide for details.
How To – Allow Read-Only Access of Facebook
User/User Group
You can apply the rule to individual users or user groups. Here, as an example we have applied the
rule on a user named John Smith. To apply the policy on an individual user, go to Identity > Users >
Users and select the user on whom policy is to be applied, i.e., John Smith. As shown below, apply
the Policy created in step 1.
Click OK to apply policy on the user.
Document Version: 1.0 – 9 July, 2014