Skip to main content

How to Find Web Addresses to Block or Allow

Updated

URLs need to be simplified into a domain to be compatible with the Content Policy. This domain name can then be added to a rule to either block or allow that websites on all devices connected to your Content Policy.

The domain for a URL is usually before any forward slashes, while ignoring the first "http://" or "https://" part of the URL.

For example, the domain for the URL https://www.google.com/safesearch is:

google.com

This means a few important things to you if you're trying to block or allow a website on your Content Policy:

  1. A website can only be either completely allowed or blocked. The Content Policy can't block specific webpages on a website. For example, you could block "reddit.com", but not "reddit.com/r/some_sub_reddit"; either the entire websites is blocked or allowed.
  2. There may be cases where you can block a specific subdomain on a website that hosts videos, images, or other media, without blocking the entire website. 

You can still block websites by a keyword that appears in the full URL on your browsing by using Keyword blocking. This just can't be done with your Content Policy.

Domain vs SubDomain

There are cases where you may need to block a subdomain instead of the entire domain for a website.

For example, Google search is accessed by using this URL:

https://www.google.com/

You could block just Google search by blocking the subdomain:

www.google.com

Or, most Google-suite websites by blocking the primary domain:

google.com

A subdomain in this example is "www.google.com", but so are "business.google.com" and "workspace.google.com".

Find Hostnames and SubDomains for Images or Videos on a Website

Since you can block specific web subdomains instead of the entire website, there is the possibility to block certain features on a website instead of blocking altogether. This is how our rule presets work, and we already have several presets available for Twitter and Reddit. However, it's possible that these domains could get out of date, or you may want to repeat this result on another website.

Note that this will not work for every website. Only websites that have distinct hostnames or subdomains being used to host media separately from the main website can use this approach.

Find Image/Video Hostnames with a Browser

You can only repeat these steps on a browser (like Chrome or Edge):

  • Visit the website you're trying to block images, videos, or media for
  • Open inspector and open the Network tab

  • Filter requests by images (Img), then refresh the page to see results:

  • Click on one of the results, you should see an image preview:

  • You may need to use your mouse to expand the view, but check for a Headers tab:

  • Look for a Request URL field:

Some images are sent directly using the webpage, and won't have a Request URL tab available. If this is the case, there isn't a way for you to block the hostname for this image without also blocking the entire website.

  • Use the instructions in this guide to convert this URL into a domain. In the example above, the domain you'd like to block is:
gstatic.com
  • You could choose to block the subdomain as well:
encrypted-tbn0.gstatic.com

From our experience, it's usually a better idea to block the subdomain first. You'll need to repeat this process with multiple images to find as many subdomains as possible.

If you choose to block the entire image domain, you might run into issues with the functionality of icons or other features on the website. In the case of Google search, this is less of a problem, but it could break functionality for some social media sites.

Find Image/Video Hostnames with Traffic Logs

You can also find hostnames using Traffic Logs on your Content Policy. This takes more guess work, but is possible.

You'll need to visit the website that you'd like to block images or videos on. If you follow the same steps as in the previous section (do a Google search for apples), you might get some traffic logs that look like this:

Generally, you'll want to look for DNS requests that match the Content Servers DNS category, since it usually indicates that the hostname you're looking at isn't used to host a website.

In the example above, you can see that I've highlighted two domains. Since you have less visibility into what each domain does, you may have to test many of the domains you see listed and test several of them at once. Without the additional information you get from the browser, it's difficult to guess which are used to perform search, analytics, or host images.

Troubleshooting

Use an incognito mode to test quickly

Most web browser will cache recent DNS requests locally, and this can interfere with your testing.

After blocking the domains you'd like to test, we recommend using an incognito mode or private browsing window on your browser, since this starts with a fresh cache each time you open it.

Once you've confirmed that the correct domains are block, you can reset your browser's cache.

Not all images are blocked

This is sometimes the case if an website uses a mix of image hostnames and local caching. There may be a limit to what images or videos can be blocked on a website, and this can't be worked around using a DNS content policy.

Block images directly from the browser

If you have a Mac computer, you can use the Config Generator to to block images on an entire domain.

Related to

Related articles