| Description | This article explains how to exempt or block the top-level domain (TLD) names for websites using the URL filter feature. |
| Scope | All FortiGate Firmware. |
| Solution |
A top-level domain (TLD) is the highest level in the Domain Name System (DNS) hierarchy of the Internet. It is the part of a website's address located to the right of the dot (e.g., .com, .org, .net). TLDs play a crucial role in identifying the nature or purpose of a website's domain name and are an essential part of a URL (Uniform Resource Locator) used to access web pages.
This URL filter is configured to block or allow a specific top-level domain (TLD) for websites (e.g., .com, .org, .net). All other websites using that configure TLD will be blocked or allowed as the filter is configured with Regular Expressions (regex).
Configuring a URL filter:
In the following example, a URL filter will be created to block the.net TLD using a regex. Configuring a URL filter in the GUI To create a URL filter for .net TLD:
CLI:
The syntax in the CLI for configuring an entry is:
config webfilter urlfilter edit <1> set name "name" config entries edit 1 set url ".*\\.\\bnet\\b" set type regex set action block set status disable next end next end
To attach the URL filter table to an existing or a new webfilter profile:
config webfilter profile edit "Net Filter" <----- Name of the web filter profile. config web set urlfilter-table 1 <----- Where 1 is the URL filter table ID, this number can be found in 'config webfilter urlfilter': the URL filter created with the ID number. end config ftgd-wf unset options end next end
Verifying the URL filter results
Verify the URL filter results by going to a blocked website. For example, upon visiting the speedtest.net website, the replacement message appears:
To check web filter logs in the GUI:
Related articles: |
