US English (US)
FR French
DE German
ES Spanish
IT Italian
NL Dutch
JP Japanese

Contact Us

If you still have questions or prefer to get help directly from an agent, please submit a request.
We’ll get back to you as soon as possible.

  • Contact Us
English (US)
US English (US)
FR French
DE German
ES Spanish
IT Italian
NL Dutch
JP Japanese
  • Home
  • CyberFOX DNS Filtering
  • Filtering Policies

Troubleshooting Policies and Categories

Learn effective strategies for identifying and resolving issues with Troubleshooting Policies in this comprehensive guide.

Written by Owen Parry

Updated at August 5th, 2025

Contact Us

If you still have questions or prefer to get help directly from an agent, please submit a request.
We’ll get back to you as soon as possible.

  • AutoElevate Knowledgebase
    New to AutoElevate? START HERE General & Troubleshooting Managing Rules Integrations Announcements FAQ Sales & Marketing How to Videos
  • Password Boss Knowledgebase
    Using Password Boss Business Administration Password Boss Partner Documents
  • CyberFOX DNS Filtering
    Getting Started Filtering Policies Company and Location Setup Roaming Clients Reporting and Logging
  • Marketing Toolkit
    MSP Marketing & Education Toolkit
  • Changelogs for Autoelevate and Password Boss
  • Current Status
+ More

Table of Contents

Resolving Conflicts Between Policies Understanding Policy Priorities Steps to Resolve Policy Conflicts Identify Conflicting Policies: Set Priorities: Apply Rules Based on Priority: Use Domain Overrides: Test and Validate: Examples and Troubleshooting Example of Conflicting Rules Example of Subdomain Conflicts Example of Overlapping Categories Example of Wildcard Domain Conflicts

Resolving Conflicts Between Policies


Conflicts may arise when managing DNS filtering policies when multiple policies contain the same domain with different rules (e.g., one policy blocks a domain while another allows it). This article provides guidelines on how to resolve such conflicts effectively.

 

Understanding Policy Priorities


Policies consist of various categories that establish rules for DNS filtering. Each category can be assigned a priority level, which dictates which rules are applied. The highest-priority rule is used, ensuring it takes precedence over rules with the same domain name in lower-priority rules.

 

By setting the appropriate priority levels and utilizing domain overrides, you can effectively resolve conflicts between policies and enforce the most important rules. Regular testing and validation are crucial to maintaining the integrity of your DNS filtering setup.

 

Steps to Resolve Policy Conflicts


Identify Conflicting Policies:

  • Review the policies to identify domains that have conflicting rules. Check if the same domain appears in multiple categories with different actions (allow, block, etc.).

Set Priorities:

  • Assign priority levels to each category within the policies. Higher priority categories should contain the most critical rules that need to be enforced first.

Apply Rules Based on Priority:

  • When a domain appears in multiple categories, the rule with the highest priority in the category is applied. For example, a domain will be allowed if a lower-priority category blocks it and a higher-priority category allows it.

Use Domain Overrides:

  • Use domain overrides for specific scenarios where certain domains need to bypass the general policy. This allows you to set rules for individual domains without affecting the overall policy.

Test and Validate:

  • After configuring the priorities and overrides, test the policies to ensure they work as intended. Verify that the correct rules are applied according to the priority levels.

 

Examples and Troubleshooting


Example of Conflicting Rules

Scenario: A domain is blocked in one policy but allowed in another. Look at the following rules:

  • Policy A (Priority 10): Blocks google.com
  • Policy B (Priority 20): Allows www.google.com

Results: In this scenario, www.google.com will be allowed because Policy B has a higher priority than Policy A

Solution: Check the priority levels of the categories containing the conflicting rules. Ensure that the higher priority category has the intended rule. For instance, if google.com is blocked in a lower-priority category but allowed in a higher-priority category, the domain will be allowed, and you should determine whether the higher-ranked rule should be included in the policy.

 

Example of Subdomain Conflicts

Scenario: A subdomain is allowed in one policy, but the main domain is blocked in another.

Solution: Ensure that the subdomain rule has a higher priority than the main domain rule. For instance, if www.google.com is allowed but google.com is blocked, the rule for www.google.com should have a higher priority to ensure access.

 

Example of Overlapping Categories

Scenario: Two categories contain overlapping domains with different rules.

Solution: Review the priority levels of the categories and adjust them to ensure the intended rule is applied. For example, if socialmedia.com is blocked in one category and allowed in another, the category with the higher priority will determine the final rule.

 

Example of Wildcard Domain Conflicts

Scenario: A wildcard domain is blocked in one policy, but a specific domain within the wildcard is allowed in another.

Solution: Ensure that the particular domain rule has a higher priority than the wildcard domain rule. For example, if *.example.com is blocked but specific.example.com is allowed, the rule for specific.example.com should have a higher priority.
 

guidelines problem-solving

Was this article helpful?

Yes
No
Give feedback about this article

Related Articles

  • Password Boss for Windows
  • Troubleshooting Password Boss in your browser
  • Products
    • Privileged Access Management
    • Password Management
  • Solutions
    • For MSPs
    • For IT Pros
    • By Industry
  • Resources
    • Weekly Demos
    • Events
    • Blog
    • FAQ
  • Company
    • Leadership
    • Culture + Values
    • Careers
    • Awards
    • News & Press
    • Trust Center
    • Distributors
  • Get Pricing
  • Free Trial
  • Request a Demo
  • Support
  • Login
  • Contact
4925 Independence Parkway
Suite 400
Tampa, FL 33634
CALL US (813) 578-8200
  • Link to Facebook
  • Link to Linkedin
  • Link to Twitter
  • Link to Youtube
© 2023 CYBERFOX LLC ALL RIGHTS RESERVED  |  Privacy Policy

Knowledge Base Software powered by Helpjuice

Expand