Custom Categories in CyberFOX DNS Filtering provide administrators and MSPs with the flexibility to organize domain rules into precise, reusable, and high‑priority filtering objects. These custom definitions allow global allow/deny lists, customer‑specific overrides, and departmental exceptions to be applied consistently and at scale. By consolidating multiple domain actions into structured categories, you simplify policy management, improve response time to threats, and maintain clarity across multi‑tenant environments.

Accessing the Categories Section

1. Sign in to the CyberFOX DNS Filtering Admin Portal.
2. Navigate to Filtering Policies → Categories.
3. Select Create + to begin creating a new Custom Category.

Creating a Custom Category

1. Name the Category
   Use clear naming conventions such as “MSP‑Global‑Allow” or “Tenant‑Marketing‑Exceptions.”
2. Assign Priority
   • Higher number = higher precedence.
   • Built‑in categories remain at priority 0.
3. Save the category.

Domain Formatting Behavior

How you enter a domain determines the scope of filtering:

• google.com → affects all subdomains (*.google.com)
• mail.google.com → affects only that exact host
• cdn.service.example.com → ideal for granular SaaS controls

This allows fine‑tuned filtering for complex services such as Microsoft 365, Google Workspace, CDNs, and app‑specific URLs.

Understanding Priorities

Priorities determine which rule wins when the same domain appears in multiple categories.

Key rules:

• A domain can exist in more than one category
  Ex: youtube.com may appear in Streaming Media, Education, Global Allow, etc.
• Highest priority wins
  If youtube.com is Allowed at priority 50 and Blocked at priority 20, the Allow rule applies.
• Prebuilt categories are subject‑based, not good/bad lists
  They classify content themes—not risk levels.
  Example: Social Media includes Facebook, LinkedIn, and TikTok—not because they’re harmful, but because they match the category’s topic.
• Built‑in categories are always priority 0
  They cannot be modified and serve as the baseline classifier.

This system enables administrators to create high‑priority overrides for urgent allow/block situations or tenant‑specific rules.

Advanced Use Cases

Global MSP Allow/Deny Categories

Create one universal allow or deny category and apply it to every tenant policy. Updating this single category updates all managed environments instantly.

Customer‑Specific Exceptions

Override global rules for a specific company (e.g., allow Facebook for HR teams but block it for other departments).

Proxy Mode for Mixed‑Risk Domains

Some domains host both safe and unsafe subresources. Proxied mode allows access while still filtering undesirable content through the CyberFOX filtered proxy.

Temporary “Review Pending” Category

Use “On Review” for domains needing internal evaluation without blocking users or exposing them to unwanted behavior.

Department‑Tiered Priority Structures

Administrators may assign:

• Priority 10 → Global rules
• Priority 20 → Customer overrides
• Priority 30 → Department exceptions
• Priority 40+ → Emergency overrides

Best Practices

• Use clear, meaningful category names to simplify long‑term administration.
• Maintain a documented priority strategy (10/20/30 tiers).
• Regularly audit categories for duplicates and obsolete entries.
• Group domains by purpose: Compliance, Business Applications, Marketing Tools, Security Exceptions.
• Use Proxied instead of Allow when dealing with unknown/partially trusted resources.
• Minimize redundant domains across categories to reduce complexity.

Troubleshooting

A domain isn’t applying the expected action

• Check if the domain appears in multiple categories.
• Inspect category priorities—highest priority determines final action.
• Verify the policy containing the category is actually assigned to the device location/company.
• Confirm the device is using CyberFOX DNS resolvers.

HTTPS block page not showing

• Ensure the CyberFOX SSL certificate is deployed to the user’s device.
• Verify the domain action is set to Blocked, not On Review.

Proxy‑mode domains not loading

• Make sure the CyberFOX Proxy service is enabled for the tenant.
• Verify firewall rules allow proxy traffic.

Wildcard confusion

• example.com affects all subdomains.
• portal.example.com affects only that subdomain.
• Re‑enter with correct scope if needed.

Security & Sync Behavior

• Category changes sync globally within seconds via CyberFOX’s cloud‑managed infrastructure.
• Category modifications are logged for audit and compliance visibility.
• High‑priority categories enable rapid incident response (e.g., blocking a newly discovered phishing domain).
• Multi‑tenant MSP environments benefit from hierarchical overrides that maintain Zero Trust alignment.
• All domain actions and category associations propagate consistently across roaming clients, office networks, and remote endpoints.

Related Articles

• Creating Custom Policies
  https://support.cyberfox.com/dns-fp/creating-custom-policies
• Troubleshooting Policies & Categories
  https://support.cyberfox.com/dns-fp/troubleshooting-policies
• Testing Filtering Policies
  https://support.cyberfox.com/dns-fp/testing-filtering-policies
• Configuring Block Pages
  https://support.cyberfox.com/dns-fp/configuring-block-pages
• Proxy Service Overview
  https://support.cyberfox.com/dns-fp/proxy-service