Expiring whitelists/blacklists entry
Kenneth Lubar
It would be useful to be able to add a temporary whitelist/blacklist entry. We occasionally need to whitelist (or blacklist) a domain but don't want it permanently added. It would be great if we could indicate that this rule automatically expires in X days.
And I guess we'd need a way to see expiring/expired rules.
Steve Staden
Merged in a post:
Block for a period of time.
Magnus
I'm reporting a phishing domain that I know is dangerous. In the same UI, you allow me to add to my block lists. However, I don't want my block list to be long and messy. I assume you will confirm my report and mark the domain as phishing, then I'd like add the domain to my block list until you update your end. Once the domain is marked as phishing, then the domain drops from my manual block list.
Jessica
I would also like to see the reverse. Allow for a period of time. Sometimes I know a site is miscategorized and while support is fairly quick at getting that addressed, I do have to add the URL to the allow lists to allow the client to access immediately.
Joel Biddle
Jessica There is an existing feature request for this here: https://dnsfilter.canny.io/feature-requests/p/expiring-whitelistsblacklists-entry
I also think this is an important feature. Our most common allow list request is for new domains our clients are building, which are blocked via the "New Domains" for 30 days. It would be amazing to be able to allow something for 30 days and then let it drop off the list, at which point the domain would no longer need to be allowed to get around the "New Domains" security category.
Joel Biddle
One of the most common service desk requests from clients related to DNS Filter is to add a new domain to the allow list. Block New Domains and Very New Domains is an essential best practice for security, but once you've verified that the site is only being blocked because it's new, the need to globally allow the site goes away 30 days later.
Being able to set an expiration date when adding a domain to the allow list would allow us to keep the allow and block lists clean, instead of having to go back 30 days later and delete the entry. This would potentially half the management time for our global allow / block lists, in that we can spend 15 minutes adding a new domain to the allow list and let the entry expire, instead of spending 15 minutes adding the domain, scheduling follow-up for 30 days later, then spending 15 minutes removing the entry (15 minutes is just our minimum billable event). The principle is that we can eliminate the follow-up task entirely if we can set an expiration when creating the allow or block list entry up front.
Steve Staden
Merged in a post:
Temporary whitelisting
Kenneth Lubar
It would be really helpful when whitelisting a domain if the suggested cname got automatically grouped with the "source: domain that was added. This would make it much easier to back out of a temporarily added whitelist domain.
SImilarly, it would be great if I could whitelist a domain for a period of time and then the whitelist automatically removed.
The situation here is that I'm asked to whitelist a domain, but don't want to make it permanent. Without a lot of external record keeping, there is no easy way to do this.
Thanks
(sorry, I first submitted this as a support request)
Mikey @DNSFilter
Merged in a post:
Allow Timed Items in Allow/Block Lists
Kurt Ketcham
Add the ability to create timed items in allow/block lists. This will allow admins to set timed items that expire after a defined number of days. For example, this would provide a temporary bypass of legitimate websites classified as New Domains. The bypass would automatically remove itself after the timer expires. This would ensure cleaner allow/block lists.
Aaron
This also helps when you are blocking "New Domains". You could whitelist a new domain for 30 days until it falls out of that new domain category, and then have it removed from the whitelist automatically.
Isaac Good