Technical Tip: How to configure a web rating override to authenticated users/user-groups for a blocked category in a web filter profile

Create a web-filter profile, and block the category in the FortiGuard category-based filter.

Go to Security Profiles -> Web Filter and select Create New.

Create another web-filter category for users to override the blocked category using another web-filter profile.

To use a user/user group to override the blocked category, allow users to override blocked categories and add another web filter profile.

Create a web rating override. It is possible to check categories and sub-categories using the Look up rating. The overrides in Custom Category point to another web-filter profile that has been created (web-filter 2).

Add user/ user-group to 'authenticate' in the custom category. 

To use the web filter profile in a security policy in the GUI:

1. Go to Policy & Objects -> Security Policy and click Create New.

2. Enter a name for the policy, and configure the remaining settings as required.

Under Security Profiles, enable Web Filter and select the web filter.

Now when a user in the user group tries to access a website which comes under the block category, it will override the user group using web-rating override. The user needs to authenticate using their credentials.

After authenticating, the user will be able to access the blocked website.