Snowflake: Three practical takeaways // Register Now

Ready to help

Can Push block users from visiting websites?

Yes. You can prevent employees from visiting malicious websites by configuring a block of URLs using the URL blocking feature.

If employees try to visit a blocked URL, they will see your custom block message instead of the site.

You can configure URL blocking on the Controls page of the Push admin console.

Sample block page for URL blocking - KB 10112

This feature allows you to respond to phishing incidents by blocking the phishing URL across your entire workforce. You can also implement blocks for known-bad websites.

Push will also emit a webhook event when a blocked URL is visited. You can programmatically manage URL blocking as part of responding to an attempted phishing incident by using the Push REST API to automatically add URLs to the blocklist or to sync with other threat intelligence sources of known-bad sites.

Syntax for adding URLs

When adding URLs to your blocklist, you can use a wildcard * (star / asterisk character) to partially match website domains.

For example, *.example.com will catch any subdomains in example.com.

Note: URL match patterns do not support the syntax *.example.* You must use the syntax *.example.com or *.example.org if you wish to have a wildcard for subdomains.

To catch all pages on a domain, use the syntax example.com/*. You can combine these two approaches to catch all pages and all subdomains by using the syntax *.example.com/*

Markdown for styling custom message

The custom message field for the block page supports link and email syntax using markdown, but no other formatting.

Example markdown:

  • [Push Security](https://pushsecurity.com)

  • [Steph](mailto:steph@ctrlaltsecure.com)