Block A Website

I tried to block websites (Facebook, porn, etc.) with Dome, but it isn’t working. I blocked Facebook by HTTPS (port: 443); after that I can’t access HTTPS websites (Gmail, YouTube, …). So how can I block a website with Dome?
P.S. Sorry, my English is not good :stuck_out_tongue:

Hello @john_cena,

Good day. May we verify how you tried to block the website, so that we can guide you further on the issue? You may block Facebook by selecting “Social Networking”, and porn sites by selecting “adult/sexuality”, under category rules and applying it to the network. Another option is to add the website to the Black/Whitelist and apply the rule to the network. For further guidance, you may refer to the links below on how to configure the rules and apply them to the network.

https://help.comodo.com/topic-434-1-840-10763-Manage-Security-Rules.html
https://help.comodo.com/topic-434-1-840-10764--Manage-Category-Rules.html
https://help.comodo.com/topic-434-1-840-10765-Manage-Domain-Blacklist-and-Whitelist.html

After applying the rules, I recommend restarting the device or running the cmd command to flush DNS.

Please let us know if the guide works for you or if you need further assistance. Thank you.

I use Dome Firewall Free to block the website. I’m not using Dome Shield. :slight_smile:

Hello @john_cena,

We appreciate you clarifying the Dome product that you are using. For the Dome Firewall, you may refer to the link below on how you may set the policy.

https://help.comodo.com/topic-436-1-912-12096-managing-firewall-policy-rules.html#fw_enabling_policy_rules

Thank you,

Hello @Samuel_C ,
I tried to block it following your guide, but it doesn’t work :frowning:

Thanks,

Hello @john_cena,

Thank you for showing the settings. We will be creating a support ticket for you to further assist you with the issue and request further information to resolve this matter. Thank you

hi john_cena,

Try creating a rule as follows:

Incoming Interface: LAN
Outgoing Interface: INTERNET
URL Filtering : On and Select facebook.

and please leave everything else blank, i.e. Source Address, Destination Address, Service/Port, etc.

Just like this:

It should work fine. After trying please share the results…

Hi @bulut ,
I want to block FB in my LAN, and I did try to do that per your instructions, but it didn’t work. It still fails to block FB, and access works normally :confused:

Hi my friends. I tried to block FB with Comodo Dome Firewall, but it doesn’t work.
See this video please!!!
https://youtu.be/lgUIi-FF3ms

hi john_cena,

Thanks for the video, that helped a lot.

Please create the following rule:

Incoming Interface: LAN
Outgoing Interface: INTERNET
URL Filtering : On and Select Social Networking OR add facebook.com into Blacklist.
SSL Interception: On (do NOT forget to download the MITM certificate of Dome Firewall by visiting: PROXY > HTTP/HTTPS and go to HTTPS tab then Create a New Certificate and install it into your browser. This might help : https://help.comodo.com/topic-436-1-912-12058-HTTPS-Proxy.html )

This will make it work.

Looking forward to your reply!
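A client-side check for the SSL Interception step in the rule above, as an added example that is not part of the thread and not Comodo's code: it opens one verified TLS connection from a LAN machine and reports whether the certificate was re-signed by the firewall's proxy CA. `FIREWALL_CA_CN` is a placeholder for the name you chose when creating that certificate, and the function names are hypothetical.

```python
import socket
import ssl

# Assumption: the common name given to the firewall's HTTPS proxy CA when it
# was created. Placeholder value; replace it with your own.
FIREWALL_CA_CN = "EXAMPLE-FIREWALL-CA"


def issuer_common_name(cert):
    """Return the issuer commonName from an ssl.getpeercert() dict, or None."""
    for rdn in cert.get("issuer", ()):
        for key, value in rdn:
            if key == "commonName":
                return value
    return None


def classify(issuer_cn=None, error=None, firewall_ca_cn=FIREWALL_CA_CN):
    """Map one probe result to what it says about the path to the site."""
    if isinstance(error, ssl.SSLCertVerificationError):
        # Chain not trusted on this client: typical when traffic is re-signed
        # by a proxy CA that has not been installed here.
        return "untrusted-certificate"
    if error is not None:
        # Refused, reset, timed out or DNS failure: the site is unreachable.
        return "blocked-or-unreachable"
    if issuer_cn == firewall_ca_cn:
        return "intercepted"      # the proxy decrypts, so URL filtering can apply
    return "not-intercepted"      # the client still talks to the real site


def probe(host, port=443, timeout=5.0):
    """Open one verified TLS connection and classify the outcome."""
    ctx = ssl.create_default_context()
    try:
        with socket.create_connection((host, port), timeout=timeout) as raw:
            with ctx.wrap_socket(raw, server_hostname=host) as tls:
                return classify(issuer_cn=issuer_common_name(tls.getpeercert()))
    except OSError as exc:  # ssl.SSLError and socket errors are OSError subclasses
        return classify(error=exc)


if __name__ == "__main__":
    # One site the rule should block and one that must stay reachable.
    for name in ("facebook.com", "www.youtube.com"):
        print(name, "->", probe(name))
```

The result tells you whether the proxy is in the path of the HTTPS connection, not whether a category or blacklist rule matched; confirm the block itself in the browser.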

Hi @john_cena

I would tackle it in the following way as Dome Shield works perfectly and Dome Firewall is still a little behind on development.

  1. Configure Dome Firewall to use Dome Shield DNS on the outgoing interface
  2. Configure Dome Shield to accept your external IP address of your internet connection
  3. Configure Dome Shield policies and rules to block what is needed

Advantages of doing it this way are:

  • Central system for all clients
  • Reporting direct into your dashboard
  • Branded/Custom block pages
  • Simple and easy to use without messing with complex fragile firewall rules and routing

I hope this helps!

Thanks for your help. I’ll try it and reply with the result :wink:

I want to try with Comodo FW first and configure Dome Shield later. Two are better than one :rolleyes:

I know what you mean, but from experience we have shelved Dome Firewall for the moment as it is not ready for production, meaning we have jumped back to IPFire, which is rock solid and by far the best firewall software in the open-source arena at present.

As an MSP we try to stick to one way of doing things, obviously the way that works but also a way that is manageable and can be replicated over and over so you get a consistent customer base with streamlined support.

The issue with doing DNS twice compared to maybe a firewall AV scan and a desktop AV scan is that DNS lookups take time, slow down the user experience and could cause issues with web page access; let alone trying to work out which level is blocking a site by mistake or not.

Just some random thoughts on the subject, but hope it helps and you are able to get the right solution for you.