FAQ 112: Importance of using regex for allowed keywords
Category: BlockedIP function | Updated: 3/6/2010 11:20:42 PM | Read: 327 (Last: 9/1/2010 9:17:04 PM) DNS Redirector v7.x allows for regular expressions (also referred to as regex or regexp) in the keyword lists.
Only keywords starting with a ^ will be compiled into a regular expression.
AllowedKeywordsFile=allowed.txt should always contain regex keywords because it is considerably more secure.
Cause
A plain keyword such as: malwarebytes.org is too generic because it would allow all of these domains... malwarebytes.org www.malwarebytes.org fakemalwarebytes.org <-- bad, not the legitimate site! malwarebytes.orgfake.example.com <-- bad, not the legitimate site!
Resolution
A better regex keyword is: ^malwarebytes\.org$ ...this allows clients to visit: http://malwarebytes.org But you also need regex keyword: ^.*\.malwarebytes\.org$ ...this allows clients to visit: http://www.malwarebytes.org ...and allows product updates from: mbam-cdn.malwarebytes.org
As seen in the example above, it is more secure to use these 2 regex keywords per site... ^example\.com$ ^.*\.example\.com$ In some cases using: ^hostname\.example\.com$ may be more appropriate.
This prevents false sites that contain the same domain name from being inadvertently accessible.
