Secure Web Gateway
With Secure Web Gateway polices, Cloudflare for Teams allows you to set up two types of filtering:
- DNS filtering: filtering DNS queries from networks or devices.
- HTTP filtering: inspecting and filtering HTTP traffic over port 80 and 443 from enrolled devices. If the HTTP connection is within a TLS connection, the TLS connection will be terminated at Cloudflare Gateway so the HTTP traffic can be inspected (unless an administrator configures a bypass rule).
Check that a policy is working
Once you've created a policy to block a domain, you can use either
nslookup on your to see if the policy is working as intended.
If you are using a policy to block
example.com, you can do the following to see if Gateway is blocking
Open your terminal.
nslookup example.com) if you are using Windows) and press enter
If the Block page is disabled for the policy, then you should see
REFUSEDin the answer section like below:
If the Block page is enabled for the policy, then you should see
NOERRORin the answer section and 220.127.116.11 and 18.104.22.168 as the answers when the domain is successfully blocked.