Skip to content

Instantly share code, notes, and snippets.

@grovesNL
Last active August 14, 2023 17:03
Show Gist options
  • Save grovesNL/2d00b568038bd28896d44d1b5b3299cd to your computer and use it in GitHub Desktop.
Save grovesNL/2d00b568038bd28896d44d1b5b3299cd to your computer and use it in GitHub Desktop.
Unblock domains from security filters

What is this?

When you register a new domain and start hosting content there, people might not be able to view it if they're behind some kind of security software or hardware that filters by domain (e.g. web/content/DNS filters). This is because the domain is new and hasn't been categorized by the security filter, and filters commonly don't allow traffic to uncategorized domains.

Usually people can contact their security provider to request the domain to be unblocked, but:

  • this process can take a few days or longer
  • sometimes this has to be handled by IT internally and might not be escalated to the provider
    • because of this, sometimes the domain will just be unblocked for a set of people (e.g. everyone at a company) and other companies have to repeat this
  • depending on how the filtering is implemented (e.g. how requests/responses are intercepted), websites might just appear broken instead of getting an explicit message about the website being blocked
  • usually this approach is reactionary, because people don't know the website is blocked until they try to use the website
    • this is really unfortunate for software-as-a-service because people might not realize the filtering is even active until they sign in to use the software they purchased

Even worse is that some security filters will probably filter by subdomain too, so even new subdomains could be problematic unless there can be some kind of wildcard/pattern categorization for the entire domain.

What we can do

If you've recently registered a domain, you might want to contact common security filters proactively and request that the domain be categorized with some appropriate category.

Doing this proactively might allow you to avoid situations where somebody tries to view your website and hits the security filter (sometimes in non-obvious ways, like the website appearing broken).

Here are some common web/content/DNS filters that companies use:

@pgl
Copy link

pgl commented Sep 29, 2021

For DNSFilter, domains classified under "New Domains" also have that category removed after 30 days.

@grovesNL
Copy link
Author

@pgl thank you! I updated the description

@talloula
Copy link

@grovesNL I would add Barracuda to this list https://www.barracudacentral.org/lookups

@grovesNL
Copy link
Author

@talloula thank you!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment