URL Filter not working on RT-AX86U

[Warbird]

Hello, Sorry if this is a dumb question.
I am trying to block facebook.
I have entered all forms of facebook and fbcdn, com&net into the URL Filter page Deny List, on my RT-AX86U, to no avail.
It is as if the page does nothing.
What am I missing?

 

[OzarkEdge]

Hello, Sorry if this is a dumb question.
I am trying to block facebook.
I have entered all forms of facebook and fbcdn, com&net into the URL Filter page Deny List, on my RT-AX86U, to no avail.
It is as if the page does nothing.
What am I missing?

Did you enter it like this and then select Apply?

OE

 

[eibgrad]

URL filtering is an old methodology that dates back to the days when there were few, if any, secure protocols. Everything was in the clear. And URL filtering therefore could search the clear text of the payload for a match. But over the years, as secure protocols like https and others have become the norm, the effectiveness of URL filtering has diminished dramatically. So much so, that I personally believe it should be eliminated from the GUI. But OEMs don't like the idea of removing features from their feature list, even when they prove less ineffective (consider how many still support PPTP).

Long story short, it's simply NOT a good idea to rely on URL filtering anymore. You're better off to use other methods, such as blocking the domain name via DNSMasq, or resolve IP of those domains w/ the firewall. I believe things like Merlin + Diversion offer such capabilities as well.

 

[Warbird]

Yes OE I did.
Do I need to restart the Router?

 

[Warbird]

URL filtering is an old methodology that dates back to the days when there were few, if any, secure protocols. Everything was in the clear. And URL filtering therefore could search the clear text of the payload for a match. But over the years, as secure protocols like https and others have become the norm, the effectiveness of URL filtering has diminished dramatically. So much so, that I personally believe it should be eliminated from the GUI. But OEMs don't like the idea of removing features from their feature list, even when they prove less ineffective (consider how many still support PPTP).

Long story short, it's simply NOT a good idea to rely on URL filtering anymore. You're better off to use other methods, such as blocking the domain name via DNSMasq, or resolve IP of those domains w/ the firewall. I believe things like Merlin + Diversion offer such capabilities as well.

I see. I was wondering if something like HTTPS:\\ was the culpret.
I am not familiar with DNSMasq or other techniques.
I would rather not go down the Merlin route.
I did try OpenDNS for a while, but I had other weird issues with them when my WAN ip changed and their updater did not pickup the change.
Which is the most straight forward approach?
I would rather not put a HOSTS file on every client (many of which are not Windows).

 

[OzarkEdge]

Yes OE I did.
Do I need to restart the Router?

View attachment 41408

I did not have to reboot my AX86U to get the filter string facebook to block access to facebook.com.

OE

 

[evlo]

Did you figure this out? I remember it working for me, but then isp started blocking dnsqueries to some urls, I did add the dns like cloudflare somewhere in the router settings, and since then I was not able to get it working.