URL filtering implicit ALLOW or implicit DENY

I know for Firewall security policy it will always be an implicit DENY as the last rule.

What about URL filtering rule? I assume it will be implicit ALLOW? But I could not find an official answer on Zscaler support website, can someone confirm for me on this?


when you goto Policy->Access Control->URL&Cloud App Control you should see this message on top:

“Rules are evaluated in the order specified. Rule evaluation stops at first match. Cloud app control policies take priority over URL policy. Default policy which is not visible is to allow all.”

Hi Dan,
URL filtering rules are implicit allow. If you wish to switch it to implicit deny, you can create a deny-all policy as the last rule.

Warm Regards,