Blocking .TLDs

Hey everyone,

In Gateway>Firewall Policy, what is the proper way to block TLDs ?
I have tried different ways but if I block with [.]xyz then it doesn’t just seem to apply to the TLD suffix and if it “xyz” exists anywhere in the hostname it blocked the site like would be blocked.

I figured out the syntax for anyone else still trying
Domain > Matches Regex> (^|.)xyz$

With xyz being the TLD.

1 Like