Symptoms: Unable to upload files/document on a web site and users receive this error message. The error message is seen while logging into certain web sites.
AsyncOS Versions 6.0 and later provide a new feature called Data Security (IDS) filters. The IDS feature helps in blocking file uploads on certain web sites based on their WBRS score, URL category, or file size.
The notification message IDS_ACCESS_FORBIDDEN indicates that a file upload or access was blocked, based on the Data Security policy configuration.
Further, the BLOCK-WEBCAT code indicates that a particular URL category was configured to Block under:
GUI -> Security services -> Cisco Data Security
You can allow access by using either of these methods:
Monitor access in IDS policies
- Under GUI -> Web Security Manager -> Cisco Data Security
- Configure the particular URL category to Monitor
- Submit and Commit the changes
Allow access using a custom URL category
- Under GUI -> Web Security Manager -> Custom URL Categories
- Create a custom URL category for the web site (Include both domains like example.com, .example.com)
- Under GUI -> Web Security Manager -> Cisco Data Security
- Configure the above custom URL category to Monitor
- Submit and Commit the changes
Please note:
On AsyncOS versions 6.3 and later, the web site could also be categorized by Dynamic Content Analysis (DCA) engine. In order to verify this, please check if DCA is enabled under GUI -> Security services -> Acceptable Use Controls