Blocking specific top-level domains (TLDs) such as
.xyz
,.xxx
, and.zip
using Artica Proxy ACLs offers several key benefits, particularly in enterprise or tightly controlled environments.These TLDs are often associated with malicious activities like phishing, malware distribution, and spam. By blocking them, you significantly reduce exposure to untrusted or suspicious domains.
This approach also minimizes the attack surface by preventing employees or systems from inadvertently accessing domains registered under new or unregulated registries. It supports zero-trust security models, where access must be explicitly granted, ensuring stricter control over network traffic.
For this case, we will use the Web server or domain (regex)
object
ACLs Proxy > Advanced access rules
”\.xyz$ \.xxx$ \.zip$
separated by a carriage return.