Block Page Policies, Payment Status

Block Page Policies

Previously, Block Page settings were only configurable at the Network level; this meant customers wanting to have the same Block Page logo and/or behavior had to repeatedly configure the same settings for each Network.

Block Page settings can now be configured as a separate entity under Policies, which allows customers to use the same Block Page settings for numerous networks.

Existing Block Page settings have been migrated to the new Policies --> Block Pages tab, and existing customers will need to consolidate as necessary.

The Block Page policies are then assigned in the Networks section.

Block Page Bypass remains a per-network option, as our survey results overwhelmingly showed that customers prefer to enable this feature on a per-network basis.

Payment Status of invoices is now available in the Organization section in the Billing Info tab.

Dynamic DNS over HTTPS

We now support Dynamic DNS (DDNS) updates over HTTPS to all supported DDNS providers.

Example ddclient config with ssl enabled.

Any questions or issues should be directed to support.

Multi-User Support, Organization Information, Separate Billing Contact

Multi-User Support

Unlimited Administrator and Read-Only accounts are now available in the Dashboard, in the new Organization menu.

We also plan to offer Billing-only accounts for accessing invoices and credit card details.

Organization Information, Billing Contact

An account's organization details can now be added, which will soon be added to all DNSFilter invoices.

If the Billing Contact Email field contains an e-mail address, invoices will only be sent to that address, and not to any other users.

Billing Info (credit card information and invoices) has been relocated to the new Organization section of the menu.

System Status Page

Know what's happening with DNSFilter's infrastructure and feature availability in real time and historically at status.dnsfilter.com

It's also mobile friendly:

EDNS0 and ECS Enabled

We've enabled EDNS0 support in our DNS service, which opens many possibilities for future features, including reporting and content filtering at the device level.

edns0-client-subnet ("ECS" for short) has also been enabled, allowing Content Distribution Networks (CDNs) to serve content that is optimized for our customers' location and IP address range, rather than the location of our DNS resolvers. In other words, it's a major performance enhancement.

In the following example, we spoof the origin IP address of the DNS request using a special dig option. Although we're using the same DNSFilter server to resolve google.com, the authoritative answer changes, because google's authoritative DNS servers are replying with an optimized answer for the IP address range that requests the data.

Privacy Note: We only submit the IP address range (/24) of customer requests, so the customer IP address is anonymized as to not inform the authoritative DNS servers for whom we are requesting the information.

Duplicate Policies

We've added the ability to duplicate existing policies in the Dashboard.

This is an iterative feature update, with eventual plans for more robust policy control when applying to multiple networks.

Go forth and duplicate!

Support and Changelog in Dashboard

We've added two new features in the Dashboard header.

  • A Support button, which lists our most popular Knowledge Base articles, allows searching of the Knowledge Base, and allows sending us a support ticket.

  • A changelog feed, which keeps our customers informed of new features and improvements to our Dashboard and infrastructure (and probably the reason you're reading this post).

We plan to iteratively improve and refine these features in the near future.

DNS, now on :5353

We're now accepting DNS queries on port 5353 (TCP and UDP).

If your ISP is running a transparent DNS proxy, you can now create a firewall rule to redirect outbound :53 traffic to 103.247.36.36:5353 and/or 103.247.37.37:5353.

Transparent proxies are common with:

  • Government-regulated ISPs in Africa, Asia, and The Middle East.
  • Satellite ISPs
  • Mobile Networks

Auto-Categorization Improvements

We've updated the behavior of the Auto-Categorization / Interstitial Blocking feature.

Improvement: Greatly reduced likelihood of being unable to automatically categorize a domain.

Improvement: Provide a 60-second counter to set expectations about the maximum duration of the categorization process.

Improvement: Greatly increased likelihood of automatically redirecting to an allowed domain, as dictated by the network policy, within 3 seconds. Also added a counter to reflect the maximum delay if automatic redirecting does not occur.

Improvement: Domains which could not be automatically categorized by our system resulted in the interstitial block page loading "forever". Now the we will stop trying to automatically categorize after 60 seconds and display a message.

Dynamic DNS for all!

Although our preferred method at this moment is still to use one of our supported Dynamic DNS providers, we now support any hostname whose IP changes (with a 60 second delay). We also added support for instant-updating of additional dynamic DNS providers: tunnelbroker.net, dns.he.net, dnspark.com, dynu.com, freedns.afraid.org.

We currently check all system hostnames every minute.

Here's our planned future progression of this feature:

  1. Provide email alerts to customers who may have their networks misconfigured, such that we're not seeing their dynamic DNS updates. Customers are now alerted when we automatically update DDNS hostnames for them for the first time.
  2. Support more providers, and SSL updates. SSL Updates now supported.
  3. Monitor for a drop in DNS traffic, and only check those dynamic hostnames for a change (and do it more often than every minute)
  4. Start introducing Clientless Dynamic DNS support: You will no longer need to use a dynamic DNS hostname to use our service, and keep your IP with us updated.
  5. Introduce dynamic-hostname.dnsfilter.io.
  6. Support updating third-party dynamic DNS hostnames using our clientless technology.

No published changelogs yet.

Surely DNSFilter will start publishing changelogs very soon.

Check out our other public changelogs: Buffer, Mention, Respond by Buffer, JSFiddle, Olark, Droplr, Piwik Pro, Prott, Ustream, ViralSweep, StartupThreads, Userlike, Unixstickers, Survicate, Envoy, Gmelius, CodeTree