Block 16,024+ AI-tool domains on FortiOS using external threat feeds, web filters, DNS filtering, and SSL inspection.
FortiGuard Web Filtering covers malware, phishing, gambling, and adult content reliably. But it was never designed to classify a tool category that barely existed three years ago.
Classifies ChatGPT and a handful of major platforms. Thousands of specialized AI tools remain tagged under generic categories like "Business" or "Information Technology."
16,024+ active domains spanning chatbots, code generators, image synthesizers, voice cloners, autonomous agents, and dozens of other functional categories.
The gap grows daily. New AI tools launch on obscure domains, operate behind CDNs, and attract users before Fortinet's content team can classify them — if they ever cross the traffic threshold for review.
Our AI Tools Blocklist delivers 16,024+ domains classified into 18 functional categories, built from a corpus of 102 million domains.
Delivered as an External Block List (Threat Feed) — the same mechanism you already use for IP reputation and IoC lists. Daily updates, automatic polling, zero manual maintenance.
FortiOS pulls domain lists from an HTTPS endpoint on a schedule. Once imported, the list is available as a reusable object in firewall policies, web filter profiles, and DNS filter profiles.
Supports plain-text domain lists (one per line), HTTPS auth via URL parameters, configurable refresh intervals, and local caching for resilience.
Navigate to Security Fabric > External Connectors (7.2+) or Fabric Connectors (7.0).
Click Create New, select Threat Feed > URL. Paste the feed URL from your subscription.
60 minutes for enterprise plans, 1440 minutes (24 hours) for standard plans.
FortiOS immediately fetches the list and displays the number of entries imported.
# Create an external threat feed connector for AI tool domains # FortiOS 7.2+ CLI configuration config system external-resource edit "AI-Tools-Blocklist" set type url-list set resource "https://feeds.aitoolsblocklist.com/v1/domains?format=fortigate&key=YOUR_API_KEY" set refresh-rate 60 set status enable set comments "AI Tools Blocklist - 16,024+ domains, 18 categories, daily updates" next end # Verify the feed was imported successfully diagnose sys external-resource list diagnose sys external-resource show "AI-Tools-Blocklist"
Verify the import: Run diagnose sys external-resource show "AI-Tools-Blocklist" to confirm entry count, last refresh timestamp, and HTTP status code.
No direct internet? Set up an internal mirror that fetches the feed and serves it locally. Point the external resource URL at your mirror instead.
FortiGate's Web Filter inspects HTTP/HTTPS traffic and blocks domains matching your threat feed. Every blocked domain triggers a customizable block page.
Reference external resource entries directly in the URL Filter section. Simpler for a single list.
FortiOS 7.2+ treats the external list as a custom category. Provides per-category logging and granular policy options.
Create a dedicated profile for AI tool blocking rather than modifying your default. This lets you apply AI blocking selectively per policy, user group, or segment.
# Create a web filter profile that blocks AI tool domains # Uses the external threat feed as a URL filter source config webfilter profile edit "Block-AI-Tools" set comment "Blocks AI tool domains via external threat feed" set log-all-url enable set web-content-log enable # Enable FortiGuard category-based filtering (keep existing categories) config ftgd-wf config filters edit 1 set category 2 set action block next end end # Add the external AI blocklist as a URL filter config url-extraction set status enable end config web-filter-referer-log set status enable end next end # Create a firewall policy that applies the web filter profile config firewall policy edit 10 set name "Block-AI-Tools-Policy" set srcintf "internal" set dstintf "wan1" set srcaddr "all" set dstaddr "all" set action accept set schedule "always" set service "HTTP" "HTTPS" set utm-status enable set webfilter-profile "Block-AI-Tools" set ssl-ssh-profile "deep-inspection" set logtraffic all next end
SSL inspection note: Without it, FortiGate only sees the SNI field for HTTPS. Domain-level blocking still works, but SSL deep inspection provides richer logging and prevents access through HTTPS proxies or tunnels.
DNS filtering intercepts queries before a TCP connection is established. Even if a user bypasses the web filter via VPN, non-standard ports, or proxy-ignoring apps, DNS filtering catches it.
DNS filter references the same external threat feed from Step 1. One feed URL powers both web filter and DNS filter — no duplicate configuration.
FortiGate returns a block-page IP instead of the real answer. The client never contacts the AI tool's server — no data leaves the network.
# Configure DNS filter profile to block AI tool domains # Works alongside web filtering for defense-in-depth config dnsfilter profile edit "DNS-Block-AI-Tools" set comment "Block AI tool domain resolution via DNS" set log-all-domain enable set block-botnet enable set safe-search enable set redirect-portal 10.0.0.1 # Reference the external AI blocklist for DNS filtering config external-ip-blocklist set name "AI-Tools-Blocklist" end # Configure FortiGuard DNS category actions config ftgd-dns config filters edit 1 set category 2 set action block set log enable next end end next end # Apply the DNS filter profile to your firewall policy config firewall policy edit 10 set dnsfilter-profile "DNS-Block-AI-Tools" next end # Verify DNS filter is intercepting queries diagnose dnsfilter cache list diagnose test application dnsproxy 7
Block DoH/DoT bypass: Modern browsers route encrypted DNS to third-party resolvers (Cloudflare, Google), bypassing FortiGate entirely. Block known DoH IPs at the firewall level and disable DoH in managed browsers via GPO or MDM. FortiOS 7.2+ includes native DoH detection.
Inspects HTTP/HTTPS after connection. Provides URL-path blocking, custom block pages, and detailed logs. Requires SSL inspection for HTTPS.
Intercepts resolution before any connection. Protocol-agnostic — blocks desktop apps, CLI tools, and API calls. Works without SSL inspection.
99%+ of AI traffic is TLS-encrypted. Without SSL inspection, you cannot see uploads of confidential docs, source code, or database exports.
Block example.com/api/ai while allowing example.com docs. Full URL inspection distinguishes AI features from legitimate content.
Deploy the FortiGate CA to all endpoints via Group Policy (Windows), MDM (macOS/iOS), or system trust store (Linux).
# Configure SSL deep inspection profile for AI tool traffic # Intercepts and inspects HTTPS connections to AI domains config firewall ssl-ssh-profile edit "AI-Deep-Inspection" set comment "Deep inspection for AI tool traffic - enables DLP and content logging" config ssl set inspect-all deep-inspection set untrusted-cert block set min-allowed-ssl-version tls-1.2 end config https set status deep-inspection set ports 443 set proxy-after-tcp-handshake enable end # Exempt domains that break with MITM (banking, healthcare portals) config ssl-exempt edit 1 set type wildcard-fqdn set wildcard-fqdn "*.bank.example.com" next edit 2 set type wildcard-fqdn set wildcard-fqdn "*.healthcare-portal.example.com" next end set server-cert-mode replace set caname "Fortinet_CA_SSL" next end # Download the CA certificate for endpoint deployment execute vpn certificate ca export "Fortinet_CA_SSL"
CPU consideration: SSL deep inspection is CPU-intensive, especially on models without CP9/NP7 processors. Apply deep inspection selectively to AI-tool destinations only, and use certificate inspection for all other traffic.
No SSL inspection? SNI-based web filtering and DNS filtering still provide effective domain-level blocking. You lose content visibility and URL-path control, but core blocking remains intact.
Define the threat feed, profiles, and policies on FortiManager, then push to hundreds of FortiGates simultaneously. Content updates happen independently per firewall.
Every FortiGate gets identical feed URLs, blocking profiles, and policy rules. No forgotten appliance running an outdated blocklist.
Create threat feed connector and security profiles in FortiManager's object database.
Add AI blocking rules to policy packages. Use ADOM-level assignment for device group targeting.
Push to all managed FortiGates. FortiManager validates before installation and reports per-device status.
Revision history: FortiManager logs every policy change — audit when AI blocking was enabled, who made the change, and roll back if needed. Required by compliance frameworks with change management mandates.
Track which AI tools users attempt to access, how frequently, and from which departments. This intelligence informs policy decisions and compliance evidence.
Each log includes source IP, user identity (via FSSO), blocked domain, category match, and action taken. Searchable, chartable, and exportable.
# FortiAnalyzer log queries for AI tool blocking reports # Run these in FortiAnalyzer CLI or use as SQL queries in custom reports # Query: Top 20 blocked AI domains in the last 24 hours execute sql-report run SELECT hostname, COUNT(*) AS block_count FROM webfilter_urlfilter WHERE action = 'blocked' AND profile = 'Block-AI-Tools' AND log_time > NOW() - INTERVAL 24 HOUR GROUP BY hostname ORDER BY block_count DESC LIMIT 20 # Query: Users with the most AI tool access attempts execute sql-report run SELECT user, srcip, COUNT(*) AS attempts FROM webfilter_urlfilter WHERE action = 'blocked' AND profile = 'Block-AI-Tools' AND log_time > NOW() - INTERVAL 7 DAY GROUP BY user, srcip ORDER BY attempts DESC LIMIT 50 # Query: Daily trend of AI tool block events execute sql-report run SELECT DATE(log_time) AS day, COUNT(*) AS daily_blocks FROM webfilter_urlfilter WHERE action = 'blocked' AND profile = 'Block-AI-Tools' AND log_time > NOW() - INTERVAL 30 DAY GROUP BY DATE(log_time) ORDER BY day ASC
FortiGate and FortiAnalyzer support syslog, CEF, and LEEF log forwarding to Splunk, Microsoft Sentinel, Elastic, and QRadar. Block events appear as web filter logs with profile "Block-AI-Tools" and action "blocked." Use these for dashboards, alerts, and correlation with shadow AI detection signals.
Engineering needs code assistants. Marketing uses AI image generators. Legal requires everything blocked. Our 18-category taxonomy enables this granularity.
Create separate threat feed connectors per category. Apply different web filter profiles to different firewall policies based on user groups.
# Category-specific feeds for selective blocking # Each URL returns only domains in the specified categories config system external-resource # Feed: Block text/language AI tools (ChatGPT, writing assistants) edit "AI-Block-TextLanguage" set type url-list set resource "https://feeds.aitoolsblocklist.com/v1/domains?format=fortigate&category=text-language&key=YOUR_API_KEY" set refresh-rate 60 set status enable next # Feed: Block image/visual AI tools (Midjourney, DALL-E, etc.) edit "AI-Block-ImageVisual" set type url-list set resource "https://feeds.aitoolsblocklist.com/v1/domains?format=fortigate&category=image-visual&key=YOUR_API_KEY" set refresh-rate 60 set status enable next # Feed: Block code/dev AI tools (Copilot, Cursor, Replit AI, etc.) edit "AI-Block-CodeDev" set type url-list set resource "https://feeds.aitoolsblocklist.com/v1/domains?format=fortigate&category=code-development&key=YOUR_API_KEY" set refresh-rate 60 set status enable next end
Test AI tool blocking end-to-end from a client behind the FortiGate. Confirm block actions appear in logs with the correct profile match.
# Verification commands — run on the FortiGate CLI # 1. Confirm the external threat feed is loaded and populated diagnose sys external-resource list # Expected output: # Name: AI-Tools-Blocklist # Type: url-list # Status: up # Last-refresh: 2026-07-09 02:00:15 # Entry-count: 42387 # 2. Check if a specific domain is in the loaded feed diagnose sys external-resource entry-list "AI-Tools-Blocklist" | grep "openai.com" # 3. Test web filter matching for a domain diagnose webfilter url-filter test "https://chat.openai.com" # 4. Monitor real-time block events diagnose debug application urlfilter -1 diagnose debug enable # 5. Review recent web filter log entries execute log filter category 4 execute log filter field action block execute log display
FortiGate can't reach the feed URL. Verify DNS resolution and outbound HTTPS from the management VDOM. Run execute ping feeds.aitoolsblocklist.com to diagnose.
Flow-based inspection without SSL sends a TCP RST instead of an HTTP block page. Enable SSL deep inspection or switch to proxy-based inspection mode.
Tools on CDN or shared-hosting domains can't be blocked without collateral damage. Use application control profiles or see our enterprise guide for edge cases.
Lessons from deploying AI-tool blocking across hundreds of FortiGate environments.
Enable web filtering and DNS filtering simultaneously. Together they cover gaps that either one alone would miss.
60 minutes for enterprise, 1440 for standard. Shorter intervals return the same data and waste bandwidth.
Set web filter to "monitor" for one week first. Understand AI tool usage patterns before enforcing hard blocks.
Block known DoH resolvers at the firewall and disable DoH in managed browsers. FortiOS 7.2+ includes native DoH detection.
Block events reveal shadow AI adoption patterns and compliance gaps invisible without centralized log analysis.
Maintain separate AI blocking policies per business unit. Engineering ADOMs allow code AI; finance ADOMs block everything.
Download the free 500-domain sample to test the external threat feed on your FortiGate today. Or tell us your FortiOS version and environment details, and we will send a ready-to-import configuration.
Specify your FortiOS version, number of managed devices, and whether you use FortiManager. We will send a ready-to-import threat feed URL within 24 hours.