Filtering on Top-Level Domain Extensions in School Manager

This article is for IT support.

A high-level overview of domain structure showing the subdomain, domain, Top-Level Domain (TLD), TLD Extensions and Country Code TLD. School Manager allows you to apply policies to Top-Level Domain Extensions (TLDE) or Country-Code Top-Level Domains (ccTLD), allowing you to block or allow all websites within that TLDE or ccTLD.

For example, you may wish to block all websites with the .tk or .ml TLDE, or allow all websites within the .nz or .uk TLDE. In this example, we have blocked the .uk Country Code TLD. The user can access google.com, but google.co.uk is blocked.

 

Blocking or Allowing a Top-Level Domain Extension

Blocking or Allowing a TLDE is a two-step process that requires you to:

  1. Create an Object Pool containing TLDEs you want to block.
  2. Create a content filtering policy using the new Object Pool. 

 

Creating a special TLDE Object Pool

Important

Please pay particular attention to step 3, even if you are familiar with creating Object Pools.

    1. In School Manager, go to Configurations > Objects > Pools 
    2. Create a new Object Pool using the Website List type. Make a note of the Pool’s name.
    3. Add two entries for each TLDE you want to create a filtering policy on:
      • One that includes the period at the start of the TLDE. For example, .tk, .ml, .nz

      • One that omits the period at the start of the TLDE. For example, tk, ml, nz

An example Object Pool that can be used to filter on the .ml and .tk TLD extensions. Note that each domain is listed twice, once with a period before the domain and once without.

 

Creating the Block or Allow Policy 

  1. Go to Filtering > Content Filtering
  2. Select + Create Policy
  3. Name the Policy according to your naming conventions. We recommend something like: [Action] - [Pool Name] Object Pool - [Scope].
    For example: Allow - New Zealand TLDE Object Pool - All Users

Force Block - Commonly Malicious Domains Object Pool - All Students

  • Enter the name of the Object Pool into the Search for Website/Category field and select it from the dropdown list. It will appear as a Custom List category.
  • Set the remaining fields as required and select Save
  • Check the order of your policies and, if necessary, rearrange the order so that the new policy:
    • Sits below any exceptions to the new policy
    • Sits above any policies the new policy should override

In this example, the policy ensures that key internet infrastructure sites are always available, which sits above the new policy blocking commonly malicious domains. This ensures that those infrastructure sites will be available even if they have a domain on the blocked list.

Tip

You can update this policy with more entries by editing the entries in the Object Pool. Simply open the Object Pool and add/remove entries. 

 

Frequently Asked Questions

Why do I need to make two entries for each TLDE?

Two of the key components of your filtering system, School Manager and your Linewize appliance, read domains differently. One requires a period at the start to ‘see’ the domain, while the other won’t ‘see’ it if it does. We’re working on changing this so that they both read domains in the same way.

Can I use the Domain List Object Pool instead of the Website List type?

No. You can’t use the Domain List Object Pool type to filter TLDEs. You must use the Website List type.

Can teachers create filtering policies on TLDEs using Classwize?

No. You can only create and apply filtering policies on TLDEs in School Manager.

What happens if I create a policy using .com, .org, or another common Top-Level Domain as a TLDE?

Warning

Do not create policies for common Top-Level Domains unless absolutely necessary.

Blocking Top Level Domains is possible but can interfere with your network's operation and your ability to teach classes. For example, applying a block to the .co TLD applies to all sites using the .co TLD, including all .co.uk, .co.nz, .co.jp and .co.kr domains. Blocking the .com TLD would block all .com sites, including all .com.au sites and core internet infrastructure sites like google.com or aws.com.

Was this article helpful?
0 out of 0 found this helpful
Share

Comments

0 comments

Please sign in to leave a comment.