Newbie Questions - Wildcard Polices and Categories

I am new to Cloudflare and cannot find answers to these two questions. Maybe someone can point me at the right documentation.

  1. I want to set up a Policy rule "Allow where Domain is “*” but not “bbc
    ie I want all “” subdomains, but not others like “

  2. How do I find out if a domain is in a category? Is there a way to look that up?
    sub-question - where do you get your category info from, and can I suggest an entry?

Thanks in advance

Hi @charles8,

If you use the ‘DNS Domain’ selector, I believe it will do what you want with blocking subdomains as well.

DNS Domain: Use this selector to match against a domain and all subdomains—for example, if you want to block and all subdomains of

DNS Host: Use this selector to match against only the hostname specified—for example, if you want to block only but not

I believe the categories used are the same as Cloudflare Radar, so you can go to to see the category. There is then also a ‘Submit categorisation feedback’ option on that page.

@domjh Thanks for the response.

The expression builder does not do what I hoped. In my example, I want to exclude a domain with “bbc” anywhere in the domain name except for the official domain/sub-domain ending in “”.

Any ideas how to do that?

On the category point - thanks that is helpful.


Oh, sorry I misunderstood what you wanted. So you essentially want a “contains” selector so you can make a rule like

domain contains bbc
domain is not

I’m not sure that is currently possible.

cc @pzimmerman

It would be really valuable if it did exist. It’s possible in pi-hole.

Also, on categories, do you know if the DNS organisations like Cloudflare actually remove dodgy domains like rather than putting them into a category? I would have expected to find it, but can’t.


@charles8 This sounds like you’d need to use regular expressions (the selector “matches regex”). You can validate your regular expression (we use rust on the backend) using this site:

1 Like