1 Reply Latest reply on Mar 16, 2015 4:53 PM by jstormo

    Blocking Internationalized Domain Names

    jstormo

      I'm trying to figure out how to block domains and domain suffixes which are using an internationalized domain name. The names begin with ascii xn-- and continue from there. An example site would be: xn--rksmrgs-5wao1o.josefsson.org.

      I've tried wildcard/regex matching for "*xn--*" being in domain but that doesn't seem to work and ruletracing is showing the site hitting as: http://r%C3%A4ksm%C3%B6rg%C3%A5s.josefsson.org/ when web gateway sees it. I've also tried blocking "*%*" in the domain name but also no success. Any idea on how I should go about this?

      Goal: Block sites using IDNs within domain or domain suffix.