I thought I’d show you a simple way people can potentially access blocked sites using Google’s Web Cache, and how you can use Sophos UTM to prevent it.
Google crawls, indexes and caches all websites on the Internet in its mission to organize the world’s information. What you may not know is that you can access Google’s cached copy of any website using a simple cache: directive in the Google search box. This includes websites that your company, school or organization is actively blocking with URL filtering.
In the video above, I demonstrate how to use Google’s Web Cache to access YouTube.com after creating a web filter policy in Sophos UTM to block it.
The technique is quite simple. Go to google.com and enter cache: followed by the site you want to access. For example:
Because content is retrieved the webcache.googleusercontent.com domain, it does not match any URL filters you have defined, such as YouTube.com in my example.
After investigating the allowed traffic using Fastvue Sophos Reporter, I discovered that Sophos UTM was categorizing the webcache.googleusercontent.com domain as Anonymizing Utilities, and blocking that category was the best way to prevent the bypass technique.
Watch the video for more information, such as the effect of using Application Control to block YouTube through the Google Web Cache.
I hope this helps! If you found this useful, let me know in the comments!