How do I create a Zero Trust access wild card?

I have a domain that I want to protect with the self-hosted access (already set it up), but also any URL on that domain. How do I do this? The domain is protected, but not URLs on the domain. I can’t figure it out.

Any assistance is always greatly appreciated.

Two zero Access policies for a given domain assuming a deny all by default.

One for the root domain and one for * which have a policy which can’t be passed. And the subsequent policies for hosts which are explicitly meet the logon conditions.

1 Like

So, it is blocking just fine, but is not blocking <= There are multiple URLs. How do I block those?

Not sure if this helps, but the WAF is before Access if you wish to block specific URLs…