Lockdown
The Lockdown App lets you restrict access to websites in a Session by URL pattern, both through an Allow List and a Block List. By default, Sessions allow full access to the entire internet.
Format
Section titled “Format”- Allow List: Limits access to a predefined list of allowed URLs. Any attempt to navigate outside this list results in an error, which can be customized.
- Block List: Opposite of the grant list, it restricts access to a list of disallowed URLs. This provides flexibility for administrators to control which sites can be accessed.
URL restrictions can help manage security risks and ensure compliance with organizational policies. A string representation of the JSON array is expected. Every element of the array is an object with the following properties:
- pattern,
Regular Expression– The requested URL will be matched to this regular expression. - redirect (optional) – A URL to redirect the user to. You can also specify the special
{{referer}}pattern in the beginning of a redirect link, and that will be replaced by the Referer value at the moment of redirect. The user will be redirected to the page where they clicked the restricted link. - type (optional) – If present, and set to “all”, restriction will be applied to all requests (otherwise restrictions affect only requests to top-level pages).
Blocklist Example
Section titled “Blocklist Example”Restrict access to the website example.com. When the user tries to access example.com they will be redirected to the default page provided by Surfly
{ "pattern": ".*example\\.com.*"}Allowlist Example
Section titled “Allowlist Example”Allow access only to the example.com. When the user tries to access any other website they will be redirected to the provided redirect URL
{ "pattern": ".*example\\.com.*", "redirect": "https://example.com/restricted"}Use Cases
Section titled “Use Cases”Getting Started
Section titled “Getting Started”Enable the Lockdown App in the Session Editor.