DNS Security Filters and How They Work

Posted by: on

We recently added support for monitoring some of the most popular DNS security filters, as part of our ever expanding list of black lists and third-party threat intelligence data sources. This additional stream of data, will give you insight into what might be limiting traffic to your websites and other web applications.

How does DNS Filtering Work?

DNS Filtering– or Domain Name System Filtering – is a way to block websites, web applications, or IP addresses, which may have been flagged as malicious or unwanted in some way. The most common reasons for being flagged are because your website has been found to host malware (viruses) or phishing content. There are also security filters that focus entirely on adult content- for individuals or organizations that might want to restrict access, and create a family friendly web surfing experience.

Individuals and companies using these DNS security filters, will simply receive a “page not found” error, or a specific malware error page, when trying to visit a website flagged by the security filter. If your website ends up being flagged by one of these filters, you could instantly lose visibility to 10’s of millions of people on the internet- which could quickly add up in lost page views and lost revenue.

Can I Bypass DNS Filtering?

In most cases, yes; it’s relatively easy for individuals to switch their DNS services away from the DNS filtering servers, over to another service like Google Public DNS (8.8.8.8) or Cloudflare (1.1.1.1), provided their internet service provider doesn’t limit this access in some way. So these DNS filters by no means “block” your content from being accessed.

That being said, the average internet user likely doesn’t know how to make this change- or for that matter- even know what “DNS” is. All they really know is that they’re unable to reach the website they click on, or that their web or mobile application is no longer working. This is what makes DNS security filters so effective at filtering unwanted content.

How does RBLTracker Use DNS Filters?

We currently monitor the most commonly used DNS security filters- currently:

  • Quad9 DNS Security
  • OpenDNS FamilyShield
  • CleanBrowsing DNS Filter (Adult, Family, & Security)
  • Comodo Secure DNS
  • Yandex Safe DNS (Family & Safe)
  • Neustar (Business, Family, & Threat)

While checking your Hosts (domains and IP addresses) against hundreds of RBLs and URIBLs, we also check them against these DNS security filters, to see if your websites or web applications have been tagged. If your Hosts are being actively blocked or redirected to a DNS security “safe page”, then we’ll send you an alert right away, with all the details you need to get your site removed from their threat intelligence networks.

Sign up for RBLTracker today, and find out if your sites are being filtered!

Sign up for RBLTracker Today

Sign up today for free, and find out how much time and effort we can save you.