In this article
An Allow List–Only policy blocks all domains by default, allowing access only to domains added to the Allow List. This method functions as a “default deny” configuration, where DNS requests are denied unless explicitly permitted.
After enabling Allow List Only, DNSFilter blocks all DNS requests except those explicitly added to the Policy’s Allow List, ensuring strict network access control.
⚠️ This includes DNSFilter domains
DNSFilter domains are not automatically exempt from an Allow List–Only policy. If this policy is applied to an Organization that requires access to the DNSFilter dashboard, add the following domain to the Allow List to prevent loss of access:ip.dnsf.com.
When Allow List Only is enabled:
- All tabs in the Policy menu except Settings and Allow List are greyed out
- All options on these disabled pages are unavailable
- The Policy ignores all other settings and allows only the domains listed in the Allow List
Enable an Allow List–Only Policy
- From the DNSFilter dashboard, navigate to Policies and select Filtering
- Select an existing policy or create a new one
- Open the Settings tab
- Toggle on Enforce Allow List Only
- Tab to Allow List and add domains to permit
- Select Save Policy
Only these domains will resolve under the Policy. All other DNS requests will be blocked.
Important Notes
- Websites often rely on multiple domains and services. Adding a single domain to the Allow List does not guarantee the entire site will function
- Refer to the Pages Not Loading guide for tips on identifying dependent domains
Comments
0 comments
Please sign in to leave a comment.