URL Filter not working on RT-AX86U

Warbird

New Around Here
Hello, Sorry if this is a dumb question.
I am trying to block facebook.
I have entered all forms of facebook and fbcdn, com&net into the URL Filter page Deny List, on my RT-AX86U, to no avail.
It is as if the page does nothing.
What am I missing?
 

OzarkEdge

Part of the Furniture
Hello, Sorry if this is a dumb question.
I am trying to block facebook.
I have entered all forms of facebook and fbcdn, com&net into the URL Filter page Deny List, on my RT-AX86U, to no avail.
It is as if the page does nothing.
What am I missing?

Did you enter it like this and then select Apply?

1653505209819.jpeg


OE
 

eibgrad

Part of the Furniture
URL filtering is an old methodology that dates back to the days when there were few, if any, secure protocols. Everything was in the clear. And URL filtering therefore could search the clear text of the payload for a match. But over the years, as secure protocols like https and others have become the norm, the effectiveness of URL filtering has diminished dramatically. So much so, that I personally believe it should be eliminated from the GUI. But OEMs don't like the idea of removing features from their feature list, even when they prove less ineffective (consider how many still support PPTP).

Long story short, it's simply NOT a good idea to rely on URL filtering anymore. You're better off to use other methods, such as blocking the domain name via DNSMasq, or resolve IP of those domains w/ the firewall. I believe things like Merlin + Diversion offer such capabilities as well.
 

Warbird

New Around Here
URL filtering is an old methodology that dates back to the days when there were few, if any, secure protocols. Everything was in the clear. And URL filtering therefore could search the clear text of the payload for a match. But over the years, as secure protocols like https and others have become the norm, the effectiveness of URL filtering has diminished dramatically. So much so, that I personally believe it should be eliminated from the GUI. But OEMs don't like the idea of removing features from their feature list, even when they prove less ineffective (consider how many still support PPTP).

Long story short, it's simply NOT a good idea to rely on URL filtering anymore. You're better off to use other methods, such as blocking the domain name via DNSMasq, or resolve IP of those domains w/ the firewall. I believe things like Merlin + Diversion offer such capabilities as well.

I see. I was wondering if something like HTTPS:\\ was the culpret.
I am not familiar with DNSMasq or other techniques.
I would rather not go down the Merlin route.
I did try OpenDNS for a while, but I had other weird issues with them when my WAN ip changed and their updater did not pickup the change.
Which is the most straight forward approach?
I would rather not put a HOSTS file on every client (many of which are not Windows).
 

OzarkEdge

Part of the Furniture

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top