I would like to block websites/domains and there seem to be two competing mechanisms. What are the pros/cons of each?
I am looking to block *.xyz.xyz.com both from HTTP and HTTPS and anything else for that matter.
One way is an outbound firewall rule with a destination of a domain name
advanced -> access rules -> Outbound firewall rules -> Destination IP and Port -> Domain name
The other way is web blocking
advanced -> content blocking -> web blocking -> Customized domain
The manual and UI say that web blocking with a customized domain does **not **block HTTPS. There is no documentation in the Surf SOHO User Manual from Jan. 2016 for firmware 6.3 about using a Domain name in an outbound firewall rule. Does that block HTTPS?
I realize that I could also front end (my term) DNS in the router and assign xyz.xyz.com to 127.0.0.1. I would expect that would block HTTPS. True? However, I really want to block *anything *that ends with xyz.xyz.com and I dont think this would block aaa.xyz.xyz.com and bbb.xyz.xyz.com.