AI Tools Blocklist
Home AI Tools Database Taxonomy Pricing
Solutions
Enterprise IT & CISO Education Firewall Admins Shadow AI Prevention
Integrations
Palo Alto Networks FortiGate Cisco Umbrella pfSense REST API
Download Free Sample
FortiGate Configuration Guide

Block AI Tools on FortiGate Firewalls

Block 16,024+ AI-tool domains on FortiOS using external threat feeds, web filters, DNS filtering, and SSL inspection.

16,024+AI Domains
18Categories
FortiOS 7.xTested
DailyUpdates
Download Sample Domain List View Pricing
The Challenge

Why FortiGuard Web Filtering Alone Cannot Block the AI Landscape

FortiGuard Is Built for Traditional Categories

FortiGuard Web Filtering covers malware, phishing, gambling, and adult content reliably. But it was never designed to classify a tool category that barely existed three years ago.

FortiGuard AI Coverage

Classifies ChatGPT and a handful of major platforms. Thousands of specialized AI tools remain tagged under generic categories like "Business" or "Information Technology."

The Real AI Landscape

16,024+ active domains spanning chatbots, code generators, image synthesizers, voice cloners, autonomous agents, and dozens of other functional categories.

The gap grows daily. New AI tools launch on obscure domains, operate behind CDNs, and attract users before Fortinet's content team can classify them — if they ever cross the traffic threshold for review.

Purpose-Built AI Domain Feed

Our AI Tools Blocklist delivers 16,024+ domains classified into 18 functional categories, built from a corpus of 102 million domains.

Native FortiGate Integration

Delivered as an External Block List (Threat Feed) — the same mechanism you already use for IP reputation and IoC lists. Daily updates, automatic polling, zero manual maintenance.

Coverage Comparison

16,024+
Our AI domains classified
~200
Typical FortiGuard AI coverage
102M
Total domain corpus scanned
24hr
Feed update cycle
Step 1: Threat Feed

Configure the External Block List (Threat Feed Connector)

External Block Lists (Threat Feeds)

FortiOS pulls domain lists from an HTTPS endpoint on a schedule. Once imported, the list is available as a reusable object in firewall policies, web filter profiles, and DNS filter profiles.

Available in FortiOS 6.0+ and All 7.x Releases

Supports plain-text domain lists (one per line), HTTPS auth via URL parameters, configurable refresh intervals, and local caching for resilience.

GUI Method: FortiOS Web Interface

1

Open Connectors

Navigate to Security Fabric > External Connectors (7.2+) or Fabric Connectors (7.0).

2

Create Threat Feed

Click Create New, select Threat Feed > URL. Paste the feed URL from your subscription.

3

Set Refresh Rate

60 minutes for enterprise plans, 1440 minutes (24 hours) for standard plans.

4

Save & Verify

FortiOS immediately fetches the list and displays the number of entries imported.

CLI Method: FortiOS Command Line

# Create an external threat feed connector for AI tool domains
# FortiOS 7.2+ CLI configuration

config system external-resource
    edit "AI-Tools-Blocklist"
        set type url-list
        set resource "https://feeds.aitoolsblocklist.com/v1/domains?format=fortigate&key=YOUR_API_KEY"
        set refresh-rate 60
        set status enable
        set comments "AI Tools Blocklist - 16,024+ domains, 18 categories, daily updates"
    next
end

# Verify the feed was imported successfully
diagnose sys external-resource list
diagnose sys external-resource show "AI-Tools-Blocklist"

Verify the import: Run diagnose sys external-resource show "AI-Tools-Blocklist" to confirm entry count, last refresh timestamp, and HTTP status code.

No direct internet? Set up an internal mirror that fetches the feed and serves it locally. Point the external resource URL at your mirror instead.

Step 2: Web Filter

Create a Web Filter Profile with the AI Blocklist

Reference the Threat Feed in a Web Filter Profile

FortiGate's Web Filter inspects HTTP/HTTPS traffic and blocks domains matching your threat feed. Every blocked domain triggers a customizable block page.

Two Integration Methods

URL Filter Method

Reference external resource entries directly in the URL Filter section. Simpler for a single list.

Remote Category Method

FortiOS 7.2+ treats the external list as a custom category. Provides per-category logging and granular policy options.

Create a dedicated profile for AI tool blocking rather than modifying your default. This lets you apply AI blocking selectively per policy, user group, or segment.

# Create a web filter profile that blocks AI tool domains
# Uses the external threat feed as a URL filter source

config webfilter profile
    edit "Block-AI-Tools"
        set comment "Blocks AI tool domains via external threat feed"
        set log-all-url enable
        set web-content-log enable

        # Enable FortiGuard category-based filtering (keep existing categories)
        config ftgd-wf
            config filters
                edit 1
                    set category 2
                    set action block
                next
            end
        end

        # Add the external AI blocklist as a URL filter
        config url-extraction
            set status enable
        end

        config web-filter-referer-log
            set status enable
        end
    next
end

# Create a firewall policy that applies the web filter profile
config firewall policy
    edit 10
        set name "Block-AI-Tools-Policy"
        set srcintf "internal"
        set dstintf "wan1"
        set srcaddr "all"
        set dstaddr "all"
        set action accept
        set schedule "always"
        set service "HTTP" "HTTPS"
        set utm-status enable
        set webfilter-profile "Block-AI-Tools"
        set ssl-ssh-profile "deep-inspection"
        set logtraffic all
    next
end

SSL inspection note: Without it, FortiGate only sees the SNI field for HTTPS. Domain-level blocking still works, but SSL deep inspection provides richer logging and prevents access through HTTPS proxies or tunnels.

Step 3: DNS Filter

DNS Filtering: Block AI Domains at the Resolution Layer

Block Before the Connection Exists

DNS filtering intercepts queries before a TCP connection is established. Even if a user bypasses the web filter via VPN, non-standard ports, or proxy-ignoring apps, DNS filtering catches it.

Same Feed, Dual Enforcement

DNS filter references the same external threat feed from Step 1. One feed URL powers both web filter and DNS filter — no duplicate configuration.

Forged DNS Response

FortiGate returns a block-page IP instead of the real answer. The client never contacts the AI tool's server — no data leaves the network.

# Configure DNS filter profile to block AI tool domains
# Works alongside web filtering for defense-in-depth

config dnsfilter profile
    edit "DNS-Block-AI-Tools"
        set comment "Block AI tool domain resolution via DNS"
        set log-all-domain enable
        set block-botnet enable
        set safe-search enable
        set redirect-portal 10.0.0.1

        # Reference the external AI blocklist for DNS filtering
        config external-ip-blocklist
            set name "AI-Tools-Blocklist"
        end

        # Configure FortiGuard DNS category actions
        config ftgd-dns
            config filters
                edit 1
                    set category 2
                    set action block
                    set log enable
                next
            end
        end
    next
end

# Apply the DNS filter profile to your firewall policy
config firewall policy
    edit 10
        set dnsfilter-profile "DNS-Block-AI-Tools"
    next
end

# Verify DNS filter is intercepting queries
diagnose dnsfilter cache list
diagnose test application dnsproxy 7

Block DoH/DoT bypass: Modern browsers route encrypted DNS to third-party resolvers (Cloudflare, Google), bypassing FortiGate entirely. Block known DoH IPs at the firewall level and disable DoH in managed browsers via GPO or MDM. FortiOS 7.2+ includes native DoH detection.

Web Filter (Layer 7)

Inspects HTTP/HTTPS after connection. Provides URL-path blocking, custom block pages, and detailed logs. Requires SSL inspection for HTTPS.

DNS Filter (Layer 3/4)

Intercepts resolution before any connection. Protocol-agnostic — blocks desktop apps, CLI tools, and API calls. Works without SSL inspection.

Step 4: SSL Inspection

SSL Deep Inspection: Full Visibility into Encrypted AI Traffic

Content Visibility

99%+ of AI traffic is TLS-encrypted. Without SSL inspection, you cannot see uploads of confidential docs, source code, or database exports.

Path-Level Blocking

Block example.com/api/ai while allowing example.com docs. Full URL inspection distinguishes AI features from legitimate content.

CA Certificate Required

Deploy the FortiGate CA to all endpoints via Group Policy (Windows), MDM (macOS/iOS), or system trust store (Linux).

# Configure SSL deep inspection profile for AI tool traffic
# Intercepts and inspects HTTPS connections to AI domains

config firewall ssl-ssh-profile
    edit "AI-Deep-Inspection"
        set comment "Deep inspection for AI tool traffic - enables DLP and content logging"

        config ssl
            set inspect-all deep-inspection
            set untrusted-cert block
            set min-allowed-ssl-version tls-1.2
        end

        config https
            set status deep-inspection
            set ports 443
            set proxy-after-tcp-handshake enable
        end

        # Exempt domains that break with MITM (banking, healthcare portals)
        config ssl-exempt
            edit 1
                set type wildcard-fqdn
                set wildcard-fqdn "*.bank.example.com"
            next
            edit 2
                set type wildcard-fqdn
                set wildcard-fqdn "*.healthcare-portal.example.com"
            next
        end

        set server-cert-mode replace
        set caname "Fortinet_CA_SSL"
    next
end

# Download the CA certificate for endpoint deployment
execute vpn certificate ca export "Fortinet_CA_SSL"

CPU consideration: SSL deep inspection is CPU-intensive, especially on models without CP9/NP7 processors. Apply deep inspection selectively to AI-tool destinations only, and use certificate inspection for all other traffic.

No SSL inspection? SNI-based web filtering and DNS filtering still provide effective domain-level blocking. You lose content visibility and URL-path control, but core blocking remains intact.

Multi-Site Deployment

FortiManager: Centralized AI Blocking Across Your Fleet

Configure Once, Push Everywhere

Define the threat feed, profiles, and policies on FortiManager, then push to hundreds of FortiGates simultaneously. Content updates happen independently per firewall.

Zero Configuration Drift

Every FortiGate gets identical feed URLs, blocking profiles, and policy rules. No forgotten appliance running an outdated blocklist.

1

Define Objects

Create threat feed connector and security profiles in FortiManager's object database.

2

Build Policies

Add AI blocking rules to policy packages. Use ADOM-level assignment for device group targeting.

3

Install & Verify

Push to all managed FortiGates. FortiManager validates before installation and reports per-device status.

Revision history: FortiManager logs every policy change — audit when AI blocking was enabled, who made the change, and roll back if needed. Required by compliance frameworks with change management mandates.

Monitoring & Reporting

FortiAnalyzer: Monitoring and Reporting on Blocked AI Traffic

Visibility into AI Adoption Pressure

Track which AI tools users attempt to access, how frequently, and from which departments. This intelligence informs policy decisions and compliance evidence.

Rich Log Entries per Block Event

Each log includes source IP, user identity (via FSSO), blocked domain, category match, and action taken. Searchable, chartable, and exportable.

# FortiAnalyzer log queries for AI tool blocking reports
# Run these in FortiAnalyzer CLI or use as SQL queries in custom reports

# Query: Top 20 blocked AI domains in the last 24 hours
execute sql-report run
    SELECT hostname, COUNT(*) AS block_count
    FROM webfilter_urlfilter
    WHERE action = 'blocked'
      AND profile = 'Block-AI-Tools'
      AND log_time > NOW() - INTERVAL 24 HOUR
    GROUP BY hostname
    ORDER BY block_count DESC
    LIMIT 20

# Query: Users with the most AI tool access attempts
execute sql-report run
    SELECT user, srcip, COUNT(*) AS attempts
    FROM webfilter_urlfilter
    WHERE action = 'blocked'
      AND profile = 'Block-AI-Tools'
      AND log_time > NOW() - INTERVAL 7 DAY
    GROUP BY user, srcip
    ORDER BY attempts DESC
    LIMIT 50

# Query: Daily trend of AI tool block events
execute sql-report run
    SELECT DATE(log_time) AS day, COUNT(*) AS daily_blocks
    FROM webfilter_urlfilter
    WHERE action = 'blocked'
      AND profile = 'Block-AI-Tools'
      AND log_time > NOW() - INTERVAL 30 DAY
    GROUP BY DATE(log_time)
    ORDER BY day ASC

Automated Reporting

Create weekly CISO reports summarizing AI-tool blocks by department
Create daily reports of newly-seen AI domains for the security ops team
Transform the blocklist from a passive control into active AI adoption intelligence

SIEM Integration

FortiGate and FortiAnalyzer support syslog, CEF, and LEEF log forwarding to Splunk, Microsoft Sentinel, Elastic, and QRadar. Block events appear as web filter logs with profile "Block-AI-Tools" and action "blocked." Use these for dashboards, alerts, and correlation with shadow AI detection signals.

Granular Control

Selective Blocking by AI Category

Not All Departments Need the Same Policy

Engineering needs code assistants. Marketing uses AI image generators. Legal requires everything blocked. Our 18-category taxonomy enables this granularity.

Category-Specific Feeds via URL Parameters

Create separate threat feed connectors per category. Apply different web filter profiles to different firewall policies based on user groups.

# Category-specific feeds for selective blocking
# Each URL returns only domains in the specified categories

config system external-resource
    # Feed: Block text/language AI tools (ChatGPT, writing assistants)
    edit "AI-Block-TextLanguage"
        set type url-list
        set resource "https://feeds.aitoolsblocklist.com/v1/domains?format=fortigate&category=text-language&key=YOUR_API_KEY"
        set refresh-rate 60
        set status enable
    next

    # Feed: Block image/visual AI tools (Midjourney, DALL-E, etc.)
    edit "AI-Block-ImageVisual"
        set type url-list
        set resource "https://feeds.aitoolsblocklist.com/v1/domains?format=fortigate&category=image-visual&key=YOUR_API_KEY"
        set refresh-rate 60
        set status enable
    next

    # Feed: Block code/dev AI tools (Copilot, Cursor, Replit AI, etc.)
    edit "AI-Block-CodeDev"
        set type url-list
        set resource "https://feeds.aitoolsblocklist.com/v1/domains?format=fortigate&category=code-development&key=YOUR_API_KEY"
        set refresh-rate 60
        set status enable
    next
end
Text & Language
Chatbots, writing, translation
Code & Development
Code assistants, autocomplete
Image & Visual
Image gen, editing, avatars
Agents & Automation
Autonomous agents, RPA
Audio, Voice & Music
TTS, voice clone, transcription
Data & Analytics
BI, scraping, extraction
Verification

Verify Your Configuration and Troubleshoot Common Issues

Test AI tool blocking end-to-end from a client behind the FortiGate. Confirm block actions appear in logs with the correct profile match.

# Verification commands — run on the FortiGate CLI

# 1. Confirm the external threat feed is loaded and populated
diagnose sys external-resource list

# Expected output:
# Name: AI-Tools-Blocklist
# Type: url-list
# Status: up
# Last-refresh: 2026-07-09 02:00:15
# Entry-count: 42387

# 2. Check if a specific domain is in the loaded feed
diagnose sys external-resource entry-list "AI-Tools-Blocklist" | grep "openai.com"

# 3. Test web filter matching for a domain
diagnose webfilter url-filter test "https://chat.openai.com"

# 4. Monitor real-time block events
diagnose debug application urlfilter -1
diagnose debug enable

# 5. Review recent web filter log entries
execute log filter category 4
execute log filter field action block
execute log display

Feed Shows Zero Entries

FortiGate can't reach the feed URL. Verify DNS resolution and outbound HTTPS from the management VDOM. Run execute ping feeds.aitoolsblocklist.com to diagnose.

Timeout Instead of Block Page

Flow-based inspection without SSL sends a TCP RST instead of an HTTP block page. Enable SSL deep inspection or switch to proxy-based inspection mode.

Some AI Tools Not Blocked

Tools on CDN or shared-hosting domains can't be blocked without collateral damage. Use application control profiles or see our enterprise guide for edge cases.

Best Practices

FortiGate AI Blocking Best Practices

Lessons from deploying AI-tool blocking across hundreds of FortiGate environments.

Layer Your Defenses

Enable web filtering and DNS filtering simultaneously. Together they cover gaps that either one alone would miss.

Set Appropriate Refresh Rates

60 minutes for enterprise, 1440 for standard. Shorter intervals return the same data and waste bandwidth.

Start with Monitor Mode

Set web filter to "monitor" for one week first. Understand AI tool usage patterns before enforcing hard blocks.

Block DoH/DoT Bypass

Block known DoH resolvers at the firewall and disable DoH in managed browsers. FortiOS 7.2+ includes native DoH detection.

Forward Logs to SIEM

Block events reveal shadow AI adoption patterns and compliance gaps invisible without centralized log analysis.

Use FortiManager ADOMs

Maintain separate AI blocking policies per business unit. Engineering ADOMs allow code AI; finance ADOMs block everything.

Ready to Block AI Tools on Your FortiGate?

Download the free 500-domain sample to test the external threat feed on your FortiGate today. Or tell us your FortiOS version and environment details, and we will send a ready-to-import configuration.

Download Free Sample View Plans

Request a FortiGate-Ready Feed

Specify your FortiOS version, number of managed devices, and whether you use FortiManager. We will send a ready-to-import threat feed URL within 24 hours.