Skip to content Skip to main navigation Skip to footer
Wavecrest Knowledge Base

Blog

How to bypass authentication requests from specific URLs

Category: Authentication Manager, Proxy Settings

In the CyBlock interface, go to User Management – Authentication and select the Bypass tab¹ ².

  1. Click the green button green button in the upper right-hand corner to add a new bypassed entry.
  2. Enter the applicable URL. Asterisks are accepted as wildcards.
  3. For “User-Agent,” enter an asterisk (*).
  4. Click Add.

Note:  Bypassed traffic does not return a user name, only an IP address. Traffic of this nature is logged under the ID “bypassed”. A report can be run on “bypassed” in order to see the IP addresses.

 

¹ For CyBlock version 9.0.5 and later: User Management – Authentication – Manager. Click Add new bypass entry at the bottom of the Bypassed list.

² For CyBlock version 6.8.3a and earlier: Advanced SettingsProxy SettingsAuthentication Manager. Click Add new bypass entry at the bottom of the Bypassed list.

What are # and $ characters in user names?

Category: Groups and IDs

The following explains the symbols that may appear in user names:

  • User IDs with appended $ characters are machine names that are contained within the browser header information. These names are unauthenticated server names submitting a request without the machine being logged on to. Since there is no user ID for the request, the machinename$ is used for the authentication challenge request.
    • If the user ID *$ does not exist in the VIP group, the machinename$ user ID is added to the Ungrouped IDs group.
    • If the user ID *$ exists in the VIP group, all unauthenticated machine traffic is compiled in the *$ user ID.
    • Filter policies are not applied to machine names, and they do not count against your license.
  • The IDs # and none# appear if the browser fails to send a proper user name when challenged by the proxy. This happens sporadically and is not easily reproducible in order to provide a direct resolution. The issue is currently under investigation.

If you have any questions, please contact Technical Support at (321) 953-5351, Ext. 4 or support@wavecrest.net.

How to allow LinkedIn while blocking Social Networking

Category: Administration, Authentication Manager, Proxy Settings

LinkedIn is filtered under the Social Networking category. To allow LinkedIn, while continuing to block other Social Networking sites, you can create a custom allowed category.

  1. Navigate to Categorization – Customize – URLs¹.
  2. Select the Custom option, and enter a name for the allowed category.
  3. In the Custom URLs field, add the following entries (including asterisks). Each entry must be on its own line.
    – *.linkedin.com
    – *.licdn.*
  4. Click Submit.

Note:  Custom categories are initially allowed by default, but can be changed to fit certain policies.

 

¹ For CyBlock version 6.8.3a and earlier:

  1. Create a custom category by navigating to Advanced Settings – Category Setup – Custom Categories.
    – Enter a category name and click Submit.
  2. Add URLs to the custom category by navigating to Advanced Settings – Category Setup – Edit URLs.
    – Select your created category and enter the URLs in the Supplemental URLs field.

Changing time zone on appliance

Category: Administration

To set the time zone on the appliance, do the following:

  1. In your interface address bar, go to http://<IPaddress>/setadv.php and enable the adv flag setting
  2. Go to the ‘System Status — ADV Shell Scripts (Pre v905 – Go to http://<applianceIP>/admin/hidden.php and select the shell script link)
  3. Run the command:
    cp /usr/share/zoneinfo/America/<Time zone city> /etc/localtime
  4. Click Submit.
  5. Enter the date. (date -s “ddMMM YYYY HH:mm:ss”)
  6. Click Submit.
  7. You should now be on the correct time zone.

Here is a breakdown of time zone cities:

Los_Angeles = Pacific Time Zone
Denver = Mountain Time Zone
Chicago = Central Time Zone
New_York = Eastern Time Zone

Also this path cp /usr/share/zoneinfo/US has files specifically for Pacific, Mountain, Central, and Eastern time zones.

How to allow iTunes to bypass authentication

Category: Administration, Authentication Manager, Proxy Settings

Users configured to go through the proxy may experience connection issues with iTunes.

To allow iTunes to bypass authentication, two entries need to be added to the Authentication Manager.

  1. Open the CyBlock interface and navigate to User Management – Authentication¹ ².
  2. Select the Bypass tab.
  3. Click the green button green button in the upper right-hand corner to add a new bypassed entry.
    – For “URL or Domain,” enter *.apple.com (with asterisk). For “User-Agent,” enter an asterisk (iTunes/*). Click Add.
  4. Add a second bypassed entry.
    – For “URL or Domain,” enter an asterisk (*). For “User-Agent,” enter iTunes/* (with asterisk).

 

¹ For CyBlock version 9.0.5 and later: User Management – Authentication – Manager. Click Add new bypass entry at the bottom of the Bypassed list.

² For CyBlock version 6.8.3a and earlier: Advanced SettingsProxy SettingsAuthentication Manager. Click Add new bypass entry at the bottom of the Bypassed list.