Allow or Block DNS Resolution to Domains

Allow or Block DNS Resolution to Domains

When to block and allow sites

Use the block list and allow list functionality to make granular block and allow settings in a DigitalStakeout PDNS security policy.

Block and allow domain options
  1. Block site at the hostname, domain or tld level – Blocked hosts or domains will be immediately blocked with no additional processing.
  2. Allow site at the hostname, domain or tld level – Allow hosts or domains to never be blocked and override all security policy settings.
Step 1: Review your security policy

In the DigitalStakeout PDNS policy editor, administrators need to be familiar with the active allow/block policies lists that are mapped to a security policy. Modifying the policy lists will be immediately applied to policy that  is mapped to your sites, agents and browser deployment.

Step 2: Choose a block or allow list to modify

Chose a domain list that you want to edit. Allow lists are highlighted in green. Block lists are highlighted in red. You can also create a new list if you chose. Make sure the new list is mapped to a policy as in Step 1.

Step 3: Add domains to your block or allow list

In the policy list editor, add a host name or domain that you wish to block or allow. In this example, we will block access to xyz.com. Since the policy is mapped to your default security policy (as displayed in Step 1), when you hit “Save” the domain will be immediately start to be blocked.

Step 4: Verify block or allow by visiting a listed domain

To verify your policy list change, browse to the example xyz.com domain. Instead of being able to access the domain, you will be presented a DigitalStakeout PDNS block page. The block page will also have a reason displayed why the page was blocked.


    • Related Articles

    • Allow or Block DNS Resolution on CIDR Blocks

      When to block and allow networks Use the network block list and allow list functionality to make granular block and allow settings in a DigitalStakeout PDNS security policy. Block and allow options Block site at the network level – Records resolving ...

    • Implicit Deny ALL for DNS Resolution

      The principle of least privilege (PoLP), also known as the principle of minimal privilege or the principle of least authority, requires a process or function must be able to access only the information and resources that are necessary for its ...

    • How to Use DigitalStakeout PDNS to Block Access Russia's .ru, .su, and .рф Domains.

      You can used DigitalStakeout PDNS block DNS resolution to any Russian host name, domain or top-level domain. There are three types of Russian top-level domains .ru is the Latin alphabet Internet country code top-level domain (ccTLD) for Russia. .рф ...

    • Default DNS Security Policy Overview

      You are in 100% control as to how DigitalStakeout PDNS protects your systems.  Below is a detailed overview the your default security policy options. The default security policy is a good starting point for protecting your network and endpoints from ...

    • Managing Custom Block Pages

      What is a Block Page? A common feature in a DNS security or web security solution is a block page. default PDNS block page If a user attempts to access a blocked resource through a web browser, the security solution redirects the user to a hosted ...