Allowing Embedded Vimeo™ Videos

Article #: Product Castle
KB-73 Guardian All

Summary

This article discusses how to allow embedded Vimeo videos without allowing users to access vimeo.com.

Problem

A lot of educational websites embed Vimeo videos into their website, however, if you are blocking the Audio and Video category these videos will be blocked.

Note: The Audio and Video category is included as part of the Core Blocked Content web filter policy, therefore is typically blocked by default.

Solution

Note: You need a HTTPS policy to be implemented for this to work.

  1. To create a new category, go to Guardian > Policy Objects > Categories.
  2. Under Manage categories, enter the name of the new category, for example, Vimeo Allow.
  3. Under Domain/URL filtering, add the following URLs:
    • player.vimeo.com/log
    • player.vimeo.com/crossdomain.xml
    • av.vimeo.com/crossdomain.xml
    • a.vimeocdn.com/p/2.1.18/js/player.js
    • vimeocdn.com
    • a.vimeocdn.com/p/2.1.18/css/player.css
    • player.vimeo.com/play_redirect
    • player.vimeo.com/video/<VIDEO_ID>
    • where VIDEO_ID is the unique 9-digit number given to each Vimeo video — it forms part of the video's URL. Add this URL for each video you need to allow.

  4. Click Advanced, and then under URL Patterns add the following:
    • vimeo\.com/.*<VIDEO_ID>
      where VIDEO_ID is the unique 9-digit number given to each Vimeo video — it forms part of the video's URL. Add this URL for each video you need to allow.
  5. Click Save.
  6. Create another custom category named Vimeo, which will be used in a HTTPS policy.
  7. Under Domain/URL filtering add the following domain:
    • vimeo.com
  8. To set up a Decrypt and Inspect policy, go to Guardian > HTTPS inspection > Policy wizard.
  9. Create a new policy with the following:
    • Who — Everyone*
    • What — Vimeo
    • Where — Everywhere*
    • When — Always*
    • Action — Decrypt and inspect
    • Make sure Enable Policy is ticked and click Confirm

  10. Next, set up a Web filter policy in Guardian > Web Filter > Policy wizard:
    • Who — Everyone*
    • What — Vimeo Allow
    • Where — Everywhere*
    • When — Always*
    • Action — Allow
    • Make sure Enable Policy is ticked and click Confirm

If Vimeo is not blocked for your organization, you can still use the Vimeo allow category created in step 2 in a block policy to prevent users from accessing vimeo.com but still allow specific embedded videos.

*You should change these based on your own needs.

Attribution:

Last updated: Author: Contributions by:
08 February 2017 Jonathan McKeague David Newton