AI Tools Blocklist
Home AI Tools Database Taxonomy Pricing
Solutions
Enterprise IT & CISO Education Firewall Admins Shadow AI Prevention
Integrations
Palo Alto Networks FortiGate Cisco Umbrella pfSense REST API
Download Free Sample
Custom URL Category

Adding a Custom AI URL Category
to Your Next-Gen Firewall

Built-in URL categories can't keep pace with AI. Create a dedicated "AI Tools" category on any major firewall — populated with 16,024+ classified domains and updated automatically every 24 hours.

16,024+AI Domains
18Categories
4+Vendor Platforms
DailyUpdates
Request Custom Feed View Pricing
The Gap

Why Built-In Firewall URL Categories Miss AI Tools

Every NGFW ships with a vendor-maintained URL database — PAN-DB, FortiGuard, Talos, or Zscaler's cloud DB. These databases were built for stable, slow-changing threat categories.

Slow Classification

Vendors may eventually classify ChatGPT and Claude. They will never systematically classify thousands of niche AI tools your employees are already using.

Tiny Coverage

A typical vendor "AI" category contains ~200 domains. The actual AI landscape has 16,024+ distinct domains — and grows by dozens every day.

Static Updates

Vendor databases update on their own cycle. New AI writing assistants, code generators, image synthesizers, and agent platforms launch daily and slip through.

Two years ago, generative AI was a handful of research projects. Today, new tools launch daily — most too small to appear on any vendor's radar.

AI writing assistants your firewall has never heard of
Code generators and IDE plugins with cloud backends
Image synthesizers, voice cloners, and deepfake tools
Data extraction bots and autonomous agent platforms

The Policy Gap

Your CISO mandates "block AI tools" — but there is no "AI Tools" category on your firewall, or it only has ~200 entries. Meanwhile, DLP logs show employees pasting source code into unclassified AI assistants, and legal is concerned about confidential text flowing through AI services that launched last month.

The Solution: Custom URL Categories in 4 Steps

Every major firewall supports custom URL categories. The implementation differs by vendor, but the architecture is the same.

1

Define

Create the custom URL category

2

Populate

Load domains from AI-tool feed

3

Reference

Attach to security policy rules

4

Automate

Schedule daily feed updates

Coverage Comparison

~200
Typical vendor AI category
16,024+
Our AI Tools Blocklist
300K
Domains scanned daily
102M
Total domain corpus
Palo Alto Networks

Creating a Custom AI URL Category on Palo Alto PAN-OS

PAN-OS supports two approaches for custom URL categories. For 16,024+ AI domains that change daily, the EDL approach is the only practical option.

Static Custom Category

Manually add domains. Limited to ~50,000 entries. Requires a commit for every update — impractical for daily automation in production.

External Dynamic List (EDL) RECOMMENDED

PAN-OS polls a remote URL on a schedule. No commits needed for updates. Supports 150K+ entries on current hardware.

Host the AI-tool domain list as an External Dynamic List, configure PAN-OS to consume it, then reference the EDL in a URL Filtering Profile attached to your security policy rules.

Step 1: Configure the External Dynamic List

Navigate to Objects → External Dynamic Lists in the web interface. Set the type to "URL List," point the source URL at your feed, and set the refresh interval.

# PAN-OS CLI — Configure an External Dynamic List for AI tool domains

configure

# Create the EDL object
set objects external-list AI-Tools-EDL type url url \
  "https://feeds.aitoolsblocklist.com/v1/domains?format=plain&key=YOUR_API_KEY"

# Set the refresh interval (hourly recommended for enterprise)
set objects external-list AI-Tools-EDL type url recurring hourly

# Optional: add a description for audit trail
set objects external-list AI-Tools-EDL type url description \
  "AI Tools Blocklist - 16,024+ domains - Updated daily"

# Commit the configuration
commit

# Verify the EDL is populated
request system external-list show name AI-Tools-EDL

Step 2: Create a URL Filtering Profile

Create or modify a URL Filtering Profile that references the EDL. The profile tells PAN-OS what action to take when a session matches a domain in the list.

Pro Tip: Start with Alert Mode

Start with "alert" for the first week to identify false positives or legitimate business tools. Switch to "block" once you have validated the list against your environment.

# PAN-OS CLI — URL Filtering Profile referencing the EDL

set profiles url-filtering AI-Block-Profile \
  block-list AI-Tools-EDL
set profiles url-filtering AI-Block-Profile \
  action block
set profiles url-filtering AI-Block-Profile \
  block-list-action block

# Attach the profile to a security policy rule
set rulebase security rules Block-AI-Tools \
  from trust \
  to untrust \
  source any \
  destination any \
  application any \
  service application-default \
  action allow \
  profile-setting profiles url-filtering AI-Block-Profile

commit

After committing, PAN-OS immediately evaluates sessions against the EDL. Any HTTP/HTTPS request to a listed domain is blocked according to your profile action.

The block page is configurable — most organizations customize it with an explanation and a link to an internal exception request process. For a full walkthrough with screenshots, see our Palo Alto AI Blocking Guide.

Fortinet FortiGate

Custom AI URL Category on FortiGate / FortiOS

FortiGate supports custom URL categories through the Web Filter feature. The external threat feed (FortiOS 6.2+) is the recommended method — it supports automatic refresh without a firmware commit for each update cycle.

FortiOS external threat feeds consume a plain-text domain list hosted on an HTTPS URL. Here is what the feed supports:

Configure as an External Connector, reference in a Web Filter Profile
FortiOS polls the URL at your set interval and updates the local cache transparently
Supports up to 131,072 entries — comfortably fits our 16,024+ domain list
Apply the profile to a firewall policy to begin enforcement
# FortiOS CLI — Configure external threat feed for AI tool domains

config system external-resource
    edit "AI-Tools-Feed"
        set type category
        set resource "https://feeds.aitoolsblocklist.com/v1/domains?format=plain&key=YOUR_API_KEY"
        set refresh-rate 1440    # Refresh every 1440 minutes (24 hours)
        set status enable
    next
end

# Create a web filter profile that blocks the AI category
config webfilter profile
    edit "Block-AI-Tools"
        config ftgd-wf
            config filters
                edit 1
                    set category 192    # Custom category ID for AI-Tools-Feed
                    set action block
                next
            end
        end
    next
end

# Apply the web filter profile to a firewall policy
config firewall policy
    edit 10
        set name "Block-AI-Outbound"
        set srcintf "internal"
        set dstintf "wan1"
        set action accept
        set utm-status enable
        set webfilter-profile "Block-AI-Tools"
    next
end

FortiGate logs every blocked request in the Web Filter log category. Forward logs to FortiAnalyzer or your SIEM to build AI usage dashboards.

Matched Domain

Each log entry includes the blocked domain, category name, source IP, and timestamp.

User Identity

With FortiAuthenticator or FSSO configured, logs include user identity for department-level reporting.

Trend Analysis

Track which departments generate the most block events and whether block volume is trending up or down over time.

Cloud Platforms

Custom AI Categories on Zscaler and Cisco Umbrella

Cloud platforms handle custom categories differently from on-prem firewalls. The core concept is the same — define, populate, enforce — but the mechanics are cloud-native (API upload or portal integration).

Zscaler Internet Access (ZIA)

Zscaler supports custom URL categories in ZIA. Create a category, add AI domains, then reference it in a URL Filtering Rule with a "Block" action.

Add domains individually, by CSV upload, or via the ZIA API
ZIA API supports bulk upload for automated daily refreshes
Applies to all Zscaler-connected users regardless of physical location
Ideal for organizations with distributed or remote workforces
# Zscaler ZIA API — Create custom URL category and add AI domains
# Step 1: Authenticate and get API token

curl -X POST "https://zsapi.zscaler.net/api/v1/authenticatedSession" \
  -H "Content-Type: application/json" \
  -d '{
    "apiKey": "YOUR_ZIA_API_KEY",
    "username": "[email protected]",
    "password": "YOUR_PASSWORD"
  }'

# Step 2: Create or update custom URL category
curl -X POST "https://zsapi.zscaler.net/api/v1/urlCategories" \
  -H "Content-Type: application/json" \
  -H "Cookie: JSESSIONID=YOUR_SESSION" \
  -d '{
    "configuredName": "AI Tools - Blocked",
    "superCategory": "USER_DEFINED",
    "urls": [
      "openai.com", "chat.openai.com", "claude.ai",
      "anthropic.com", "midjourney.com", "jasper.ai"
    ],
    "dbCategorizedUrls": [],
    "customCategory": true,
    "type": "URL_CATEGORY"
  }'

# Step 3: Activate changes
curl -X POST "https://zsapi.zscaler.net/api/v1/status/activate" \
  -H "Cookie: JSESSIONID=YOUR_SESSION"

Cisco Umbrella

Umbrella uses destination lists instead of URL categories. Blocking happens at the DNS layer — before any HTTP connection is established.

How Umbrella DNS Blocking Works

Create a destination list, populate it with AI domains, and associate it with a DNS policy set to "block." The client's DNS query returns an Umbrella block page IP instead of the real address — transparent to users, no proxy configuration required.

Umbrella's Management API accepts up to 500 domains per request, so a full update of 16,024+ domains requires batched calls. Our integration scripts handle this automatically.

Cloud-Native Enforcement

Both Zscaler and Umbrella enforce the block regardless of user location. Remote workers, branch offices, and mobile devices are covered without VPN hairpinning.

API-Driven Updates

Both platforms expose REST APIs for managing categories and destination lists. Automate daily refreshes with a scheduled script. No manual portal clicks after initial setup.

Automation

Automating Custom Category Updates Across Vendors

A custom URL category is only as useful as its last update. An AI-tool list accurate in January is missing hundreds of new domains by March.

The automation strategy depends on your platform, but the pattern is consistent: fetch domains, push to your firewall, verify success.

EDL / Threat Feed Approach

For Palo Alto and FortiGate on-premises firewalls.

Firewall handles polling and refresh
Configure URL once, set interval
No external scripts or cron jobs

Script-Based Approach

For Zscaler, Umbrella, or when you need custom filtering.

Daily cron fetches from our REST API
Computes delta, pushes via platform API
Filter by category or apply local allowlist
#!/usr/bin/env python3
# Automated AI URL category updater — multi-vendor support
# Schedule via cron: 0 3 * * * /opt/scripts/update_ai_category.py

import requests, json, sys, logging
from datetime import datetime, timedelta

logging.basicConfig(level=logging.INFO,
    format='%(asctime)s [%(levelname)s] %(message)s')
log = logging.getLogger('ai-category-updater')

# Configuration
API_KEY    = "YOUR_API_KEY"
FEED_URL   = "https://api.aitoolsblocklist.com/v1/domains"
DELTA_URL  = "https://api.aitoolsblocklist.com/v1/delta"
STATE_FILE = "/var/lib/ai-blocklist/last_sync.json"

def fetch_delta():
    """Fetch only domains changed since last sync."""
    try:
        with open(STATE_FILE) as f:
            state = json.load(f)
        since = state["last_sync"]
    except FileNotFoundError:
        since = (datetime.utcnow() - timedelta(days=30)).isoformat() + "Z"

    resp = requests.get(DELTA_URL,
        params={"since": since, "format": "json"},
        headers={"Authorization": f"Bearer {API_KEY}"},
        timeout=30)
    resp.raise_for_status()
    data = resp.json()

    log.info(f"Delta: {len(data['added'])} added, {len(data['removed'])} removed")
    return data

def update_panos_edl():
    """Force PAN-OS to refresh its EDL immediately."""
    import subprocess
    result = subprocess.run([
        "curl", "-sk",
        "https://firewall.local/api/?type=op&cmd="
        ""
        ""
        "&key=PAN_API_KEY"
    ], capture_output=True)
    log.info(f"PAN-OS EDL refresh: {result.returncode}")

def update_zscaler(added, removed):
    """Push delta to Zscaler custom URL category."""
    session = requests.Session()
    # Authenticate to ZIA API
    session.post("https://zsapi.zscaler.net/api/v1/authenticatedSession",
        json={"apiKey": "ZIA_KEY", "username": "admin", "password": "pass"})
    # Get current category, merge delta, PUT update
    cat = session.get("https://zsapi.zscaler.net/api/v1/urlCategories/CUSTOM_CAT_ID").json()
    urls = set(cat["urls"])
    urls.update(added)
    urls -= set(removed)
    cat["urls"] = list(urls)
    session.put(f"https://zsapi.zscaler.net/api/v1/urlCategories/{cat['id']}", json=cat)
    session.post("https://zsapi.zscaler.net/api/v1/status/activate")
    log.info(f"Zscaler updated: {len(urls)} total domains")

if __name__ == "__main__":
    delta = fetch_delta()
    update_panos_edl()
    update_zscaler(delta["added"], delta["removed"])
    # Save sync state
    with open(STATE_FILE, "w") as f:
        json.dump({"last_sync": delta["timestamp"]}, f)
    log.info("All platforms updated successfully")

This script is a starting point. For production, add the following safeguards:

Error handling for API rate limits and transient network failures
Notification hooks (Slack, email, PagerDuty) for update failures
Rollback mechanism if the new list triggers anomalous support tickets
Expanded examples available in our API documentation
Policy Design

Designing Category-Based Security Policies

A custom AI URL category is a policy building block, not a policy by itself. Attach it to different rules with different actions for different user groups, zones, or time windows.

Our 18-category taxonomy enables granular governance — engineering keeps code assistants, marketing loses AI copywriting tools, and nobody uploads files to AI data extraction services.

Hard Block Categories

Block for all users with no exceptions: "Deepfake & Synthetic Media," "Data Extraction & Scraping," "Adult & NSFW AI." These categories represent tools with no legitimate business use and high risk of misuse or data exfiltration. Action: block, log, alert SOC.

Monitor-Only Categories

Allow but log and monitor: "Code & Development," "Research & Academic AI." These tools may have legitimate productivity value. Action: allow, log, generate weekly usage report. Revisit quarterly to decide if controls should tighten.

Group-Based Categories

Differentiate by department: block "Text & Language" for finance and legal, allow for marketing. Block "Image & Visual" for all except the design team. Requires user-ID integration (LDAP/AD group mapping) on your firewall.

Time-Based Policies

Some organizations allow AI tool access during lunch hours or outside business hours but block during core working hours. Time-based schedules on your firewall policy rule enable this without changing the custom category itself.

Single Category vs. Multiple Categories

Single Category

All 16,024+ AI domains in one category. Simpler to maintain — one feed URL, one EDL, one refresh job. Best for getting started quickly.

Multiple Categories

Separate EDLs filtered by our taxonomy. More feed URLs and EDL objects, but full policy granularity per AI function. Best as governance matures.

Multi-Vendor

Managing a Unified AI Category Across a Heterogeneous Firewall Estate

Enterprise networks rarely run a single firewall vendor. Without a unified approach, inconsistencies between platforms create policy gaps users will find.

The Challenge

Palo Alto at the perimeter, FortiGate at branches
Zscaler for remote users, Umbrella for DNS
Four separate APIs, update scripts, and monitoring

The Solution

Our feed as single source of truth
One script fetches, then pushes to all platforms
Identical domain list everywhere; only delivery differs

Ansible and Terraform can formalize this. Template the EDL URL into Palo Alto configs, the external resource block into FortiOS, and API calls into Zscaler/Umbrella — all from a single set of variables.

Change the feed URL or rotate an API key in one place. Push the configuration to all platforms simultaneously.

Multi-Vendor Deployment Checklist

Single feed URL as source of truth
Platform-specific delivery scripts
Centralized API key management
Identical domain list on all platforms
Unified logging to SIEM
Update failure alerting per platform
Allowlist synchronized across vendors
Quarterly review of category coverage

Auditability

When compliance asks "are we blocking AI tools everywhere?" — one script queries each platform's category and compares domain counts against the feed total. If all platforms report 16,024+ domains, coverage is confirmed. Drift is flagged and auto-resynced on the next run.

Ready to Add an AI Category to Your Firewall?

Tell us your firewall platform and we will send a ready-to-import domain feed in the exact format your custom URL category expects — EDL, threat feed, API, or plain-text domain list.

Download Free Sample View Plans

Request a Custom AI URL Category Feed

Specify your firewall vendor, firmware version, and whether you need a single all-categories feed or per-category filtered feeds. We will respond within 24 hours.