Adding Items to the HTTPS Scanning Exclusion List
When HTTPSHypertext Transfer Protocol over Secure Socket Layer (SSL). inspection is enabled, by default this applies to all HTTPS sessions passing via the GFI WebMonitor Proxy. Administrators may however wish to exclude some domains, users, or client IPs from having their sessions inspected. This is achieved by adding them to the HTTPS scanning exclusion list.
IMPORTANT
Backup ProxyConfig.xml before making any changes.
Excluding Domains
1. Open ..\WebMonitor\Data\ProxyConfig.xml
2. Remove <DomainsExceptedFromHTTPSInspection /> tag
3. Add the sites exclude between a DomainsExceptedFromHTTPSInspection tag. For example:
<DomainsExceptedFromHTTPSInspection>
<string>www.domain.com</string>
<string>*.domain.com</string>
</DomainsExceptedFromHTTPSInspection >
4. Save file.
Excluding Users
1. Open ..\WebMonitor\Data\ProxyConfig.xml
2. Remove the <UsersExceptedFromHTTPSInspection /> tag
3. Add the users to be excluded between a UsersExceptedFromHTTPSInspection tag, for example:
<UsersExceptedFromHTTPSInspection>
<string>mydomain\user1</string>
<string>mydomain\user2</string>
</UsersExceptedFromHTTPSInspection>
4. Save file.
Excluding Client IPs
1. Open ..\WebMonitor\Data\ProxyConfig.xml
2. Remove the <UserIPsExceptedFromHTTPSInspection /> tag
3. Add the client IP addresses to be excluded between a UsersExceptedFromHTTPSInspection tag, for example:
<UserIPsExceptedFromHTTPSInspection>
<string>10.0.0.11</string>
<string>10.0.0.23</string>
</UserIPsExceptedFromHTTPSInspection>
4. Save file.
NOTE
Changes are applied as soon as the file is saved.