Blocked Query Response (Custom Block Pages)

Customize how Control D responds to blocked queries.

What is this?

When Control D blocks a domain via a Filter, Service, or Custom Rule, by default it returns the following DNS records:

  • A: 0.0.0.0
  • AAAA: ::

This feature allows you to change this behavior and return a different response.

How to Use it

Edit your desired Profile and go to Profile Options.

Toggle this feature ON and choose the desired response type. There are several to choose from:

  • 0.0.0.0 / :: (Default)
  • NXDOMAIN - return this RCODE
  • REFUSED - return this RCODE
  • Custom - choose your own IPs to respond with or use custom block page
  • Branded - Use a branded and customizable block page

Custom Block Page

Here you can input your own IPv4 and IPv6 addresses. When a website is blocked, Control D will spoof to IP addresses you have chosen here. This can be used with a self-hosted block page + your own Root Certificate.

Branded Block Page

❗️

Root Certificate Installation Required

In order for this to work with HTTPS websites, Root Certificate Installation is required. Check the linked document to learn more.

This option allows you to use a Control D hosted block page, which you can optionally customize with:

  • Your own logo
  • Custom block Title
  • Custom block message
  • External Link Title
  • External Link URL

By default, with no custom settings, a branded page will look like this.

Now, you can customize it using the 5 fields.

When a website is blocked, it will look something like this.

Unblock Request Button

If you omit the "External Link Title" and "External Link URL" fields, a default reporting button will be added to the block page.

Clicking this button will reveal a small form where the end user can request for this page to be unblocked. Account owner or admin will receive this request via email, and an action can be performed.

Hostname Variable

In the External Link URL you can use a variable {domain} which will template your link with the website FQDN that was blocked. For example, if you use: https://reporting-url-example.com?hostname={domain} and access pornhub.com, and it's blocked, the link will become https://reporting-url-example.com?hostname=pornhub.com


🍎

If the physical device in use is an Apple platform, the Shortcuts url scheme can be used as the link on the branded block page.

Using this neat trick, a shortcut can be built to send pertinent information to the “family IT admin” along with something like "I need something unblocked," all in the background.