AI Tools Blocklist
Home AI Tools Database Taxonomy Pricing
Solutions
Enterprise IT & CISO Education Firewall Admins Shadow AI Prevention
Integrations
Palo Alto Networks FortiGate Cisco Umbrella pfSense REST API
Download Free Sample
Zscaler ZIA Guide

Block AI Tools with Zscaler Internet Access (ZIA)

Deploy a comprehensive AI-tool blocklist across your entire ZIA tenant — custom URL categories, cloud app control, DLP, and API automation covering 16,024+ classified AI domains.

16,024+AI Domains
18Categories
CloudNative
DailyUpdates
Download Sample Domain List View Pricing
Why Zscaler

Why Zscaler Is Uniquely Positioned to Block AI Tools

Every user's traffic passes through Zscaler's cloud before reaching the internet — office, home, or mobile. One policy in the ZIA Admin Portal protects everyone, everywhere, instantly.

Cloud-Native Enforcement

No appliances to deploy. Zscaler sits in the data path for all users, all protocols, all locations — no split-tunnel gaps or DNS leaks.

Universal Coverage

Add 16,024+ AI-tool domains to a custom URL category and every Client Connector user is protected — before connections are established.

App-Layer Detection

Cloud App Control identifies AI tools by behavior — not just domain — catching AI features embedded inside legitimate SaaS platforms.

API Automation

The ZIA API lets you programmatically update custom URL categories — enabling automated daily syncs with our domain feed, zero manual effort.

Coverage at a Glance

16,024+
AI domains in custom URL category
102M
Domain corpus scanned
18
Functional categories
API
Automated sync available
Custom URL Categories

Creating a Custom URL Category for AI Tools

ZIA's built-in "AI/ML Applications" category covers only a fraction of AI-tool domains. A custom URL category lets you fill the gap with our continuously-updated feed of 16,024+ domains.

Manual Setup Steps

1

Navigate

Go to Administration > URL Categories and click Add Custom Category.

2

Name & Populate

Name it "AI Tools Blocklist." Add domains in bare format (openai.com) or with wildcards (.openai.com).

3

Create Filtering Rule

Go to Web Policy > URL & Cloud App Control. Add a rule targeting your custom category with Block action.

4

Apply & Activate

Scope the rule to user groups, departments, or locations. Every user in scope sees a block page instantly.

Key Facts

Manual Limit: 25,000 URLs

Custom URL categories support up to 25,000 URLs when configured through the portal.

API Limit: 100,000 URLs

Via the ZIA API, each category supports up to 100,000 URLs — more than enough for our 16,024+ domains.

Automatic Subdomain Matching

Wildcard entries like .openai.com match all subdomains automatically.

Manual doesn't scale. We add hundreds of new AI domains every week. Use the ZIA API (covered below) to automate daily syncs.

# Create a custom URL category via the ZIA API
# Step 1: Authenticate and obtain a session token

curl -X POST "https://zsapi.zscaler.net/api/v1/authenticatedSession" \
  -H "Content-Type: application/json" \
  -d '{
    "apiKey": "YOUR_OBFUSCATED_API_KEY",
    "username": "[email protected]",
    "password": "YOUR_PASSWORD",
    "timestamp": "1720483200000"
  }'

# Step 2: Create the custom URL category with AI tool domains

curl -X POST "https://zsapi.zscaler.net/api/v1/urlCategories" \
  -H "Content-Type: application/json" \
  -H "Cookie: JSESSIONID=YOUR_SESSION_ID" \
  -d '{
    "configuredName": "AI Tools Blocklist",
    "customCategory": true,
    "superCategory": "USER_DEFINED",
    "type": "URL_CATEGORY",
    "urls": [
      "openai.com",
      "chat.openai.com",
      "claude.ai",
      "anthropic.com",
      "gemini.google.com",
      "midjourney.com",
      "jasper.ai",
      "copy.ai",
      "writesonic.com",
      "huggingface.co"
    ],
    "dbCategorizedUrls": [],
    "description": "AI tool domains from aitoolsblocklist.com — updated daily"
  }'
URL Filtering Policies

Configuring URL Filtering Rules to Block AI Traffic

ZIA evaluates URL filtering rules top-to-bottom — first match wins. Place your AI-blocking rule above any permissive "allow all" rules, but below department-specific allow exceptions.

Rule Configuration Checklist

Navigate to Web Policy > URL & Cloud App Control and click Add Rule
Set Name to "Block AI Tools"
Set URL Categories to your custom "AI Tools Blocklist" category
Set Action to Block
Under Applies To, select target users, departments, groups, or locations
Optionally enable Override for admin bypass during evaluation periods

Tip: Use the Caution action for a soft rollout. It displays a warning page but lets users proceed — ideal for educating users before hard-blocking.

Assessment phase? Set the action to Allow with Log enabled to audit AI-tool usage before enforcing.

Available Actions

Block Action

Hard block with customizable block page. All requests logged with user, device, timestamp, and domain metadata.

Caution Action

Warning page with click-through. Ideal for rollout — educate users and measure AI-tool usage before hard-blocking.

Monitor (Allow + Log)

Allow traffic but log every transaction. Use during discovery to audit AI tool access before defining final policy.

Override Action

Block by default, allow bypass with credentials. Useful for security teams or researchers needing occasional AI access.

Cloud App Control

Cloud App Control: Blocking AI at the Application Layer

URL filtering blocks domains. Cloud App Control goes deeper — inspecting traffic patterns, TLS attributes, and HTTP headers to detect AI tools embedded inside other platforms.

What Cloud App Control Detects

Embedded AI Features

Detects AI tools embedded inside legitimate SaaS platforms that simple domain matching misses.

Granular Action Control

Allow "browse" but block "upload," "post," or "AI-assist" actions for supported applications.

Shared Infrastructure Detection

Identifies AI tools hosted on shared infrastructure or accessed through API endpoints that don't match simple domain patterns.

URL Filtering vs. Cloud App Control

URL Filtering

Blocks by domain name
Covers 16,024+ domains via custom category
Catches the long tail of AI tools
Cannot block embedded AI features

Cloud App Control

Blocks by application behavior
Detects AI inside other platforms
Granular action-level control
Limited to Zscaler's app catalog

Setup Checklist

Navigate to Web Policy > URL & Cloud App Control > Cloud App Control tab
Search for AI apps: ChatGPT, Claude, Midjourney, GitHub Copilot, Grammarly AI, Google Bard
Set action to Block for each
Your custom URL category acts as the safety net for unlisted AI tools

Defense-in-depth: Combine both layers. Cloud App Control catches known apps by behavior; URL filtering catches the long tail by domain. If Zscaler's catalog hasn't classified a new AI tool, the domain-level blocklist catches it within 24 hours.

User & Group Policies

User-Based and Group-Based AI Blocking Policies

A blanket block for all users is rarely the right policy. ZIA supports user-based, group-based, department-based, and location-based assignments for granular control.

Example Policy Matrix

Department AI Code Tools AI Writing Tools AI Image Tools
Engineering Allowed Blocked Blocked
Finance Blocked Blocked Blocked
Data Science Allowed Allowed Blocked
All Others Blocked Blocked Blocked

Identity Provider Integration

Auto-Sync with Your IdP

ZIA integrates with Azure AD, Okta, Active Directory (via provisioning agent), and SCIM — groups and departments stay synchronized automatically.

Zero-Touch Policy Inheritance

New employees inherit their department's AI-tool policy on join. Transfers update on the next sync cycle.

# ZIA API: Create a URL filtering rule scoped to a specific department
# This rule blocks AI writing tools for the Finance department only

curl -X POST "https://zsapi.zscaler.net/api/v1/webApplicationRules" \
  -H "Content-Type: application/json" \
  -H "Cookie: JSESSIONID=YOUR_SESSION_ID" \
  -d '{
    "name": "Block AI Writing Tools - Finance",
    "order": 3,
    "state": "ENABLED",
    "action": "BLOCK",
    "urlCategories": ["AI_WRITING_TOOLS"],
    "departments": {
      "id": [98765]
    },
    "protocols": ["ANY_RULE"],
    "requestMethods": ["GET", "POST", "PUT"],
    "blockOverride": false,
    "description": "Block Text & Language AI tools for Finance department"
  }'

# Separate rule: Allow AI Code Tools for Engineering
curl -X POST "https://zsapi.zscaler.net/api/v1/webApplicationRules" \
  -H "Content-Type: application/json" \
  -H "Cookie: JSESSIONID=YOUR_SESSION_ID" \
  -d '{
    "name": "Allow AI Code Tools - Engineering",
    "order": 2,
    "state": "ENABLED",
    "action": "ALLOW",
    "urlCategories": ["AI_CODE_TOOLS"],
    "departments": {
      "id": [12345]
    },
    "protocols": ["ANY_RULE"],
    "description": "Allow Code & Dev AI tools for Engineering department"
  }'

Rule order matters. Place specific allow rules (e.g., "Allow AI Code Tools for Engineering") above general block rules. A broad block at position 1 catches all traffic before exceptions fire.

DLP Integration

DLP Integration: Catching Data Leakage to AI Tools

Domain blocking is the first line of defense. Zscaler's inline DLP engine adds a second layer — inspecting outbound content to catch sensitive data sent to AI tools you haven't blocked yet.

What DLP Inspects

HTTP POST Bodies & File Uploads

Scans form submissions, file uploads, and API payloads in real time before data leaves your network.

Sensitive Content Patterns

Detects SSNs, credit card numbers, source code patterns, and proprietary document markers.

Custom Regex Patterns

Match your organization's confidential data formats — catches code pasted into unknown AI chatbots.

DLP Rule Configuration

Navigate to Web Policy > Data Loss Prevention
Set DLP Dictionaries to target content types: source code, PII, financial data, healthcare data
Set URL Categories to include your custom "AI Tools Blocklist" + Zscaler's built-in AI categories
Set action to Block
Create a second DLP rule for all URL categories with specific content dictionaries — catches exfiltration to unknown AI tools

Defense-in-Depth: Two Layers Working Together

Layer 1: URL Filtering

Blocks all traffic to 16,024+ known AI-tool domains. Updated daily. Catches known tools instantly at the DNS/URL layer before any data is transmitted.

Layer 2: Inline DLP

Inspects content in outbound payloads to any destination. Catches sensitive data exfiltration to unknown or newly-launched AI tools that are not yet in the blocklist.

SSL Inspection

SSL Inspection: Why It Matters for AI Blocking

Every AI tool operates over HTTPS. Without SSL inspection, ZIA can block by domain (via SNI) but cannot inspect request content. DLP and Cloud App Control require decrypted traffic to function.

With vs. Without SSL Inspection

Without SSL

URL filtering works (via SNI)
DLP cannot scan payloads
Cloud App Control limited
No content inspection possible

With SSL

URL filtering works (full URL)
DLP scans request payloads
Full Cloud App Control detection
Complete content inspection

Enable SSL Inspection

1

Create SSL Rule

Navigate to Web Policy > SSL Inspection. Create a rule targeting your "AI Tools Blocklist" category.

2

Deploy Root CA

Deploy Zscaler's root CA certificate to endpoints via Client Connector, Group Policy (Windows), or MDM (macOS/iOS).

3

Verify & Test

Access an AI-tool domain and confirm no TLS certificate errors appear. Verify DLP and content inspection events in logs.

4

Review Exemptions

Audit your SSL exemption list to ensure no AI-tool domains are inadvertently exempted from inspection.

Certificate pinning alert. Some apps (financial, healthcare, government) use certificate pinning and will break with SSL inspection. Maintain your exemption list — but ensure AI-tool domains never appear on it.

API Automation

Automating Daily Updates with the ZIA API

Manual portal updates don't scale when the domain list changes daily. The ZIA API lets you script the entire workflow — fetch, authenticate, update, activate — via a daily cron job.

The ZIA API uses session-based authentication. Sessions expire after 30 minutes idle, so long-running scripts should handle re-authentication.

# Complete Python script: sync AI Tools Blocklist feed to ZIA custom URL category
# Run daily via cron: 0 3 * * * /usr/bin/python3 /opt/scripts/zia_ai_sync.py

import requests, json, time, hashlib, sys

ZIA_BASE     = "https://zsapi.zscaler.net/api/v1"
ZIA_USERNAME = "[email protected]"
ZIA_PASSWORD = "YOUR_PASSWORD"
ZIA_API_KEY  = "YOUR_API_KEY"
FEED_URL     = "https://feeds.aitoolsblocklist.com/v1/domains?format=json&key=YOUR_FEED_KEY"
CATEGORY_ID  = 12345678  # Your custom URL category ID

def obfuscate_api_key(api_key, timestamp):
    high = timestamp[-6:]
    low = str(int(high) >> 1)
    key = ""
    for i in range(len(high)):
        key += api_key[int(high[i])]
    for i in range(len(low)):
        key += api_key[int(low[i]) + 2]
    return key

# Step 1: Fetch latest AI tool domains from our feed
print("[*] Fetching AI tool domain feed...")
feed = requests.get(FEED_URL).json()
domains = feed["domains"]
print(f"[+] Retrieved {len(domains)} domains")

# Step 2: Authenticate with ZIA API
ts = str(int(time.time() * 1000))
obf_key = obfuscate_api_key(ZIA_API_KEY, ts)
session = requests.Session()
auth_resp = session.post(f"{ZIA_BASE}/authenticatedSession", json={
    "apiKey": obf_key, "username": ZIA_USERNAME,
    "password": ZIA_PASSWORD, "timestamp": ts
})
auth_resp.raise_for_status()
print("[+] Authenticated with ZIA API")

# Step 3: Update the custom URL category with new domains
update_resp = session.put(f"{ZIA_BASE}/urlCategories/{CATEGORY_ID}", json={
    "configuredName": "AI Tools Blocklist",
    "urls": domains,
    "description": f"Updated {time.strftime('%Y-%m-%d')} — {len(domains)} AI tool domains"
})
update_resp.raise_for_status()
print(f"[+] Updated category with {len(domains)} domains")

# Step 4: Activate the configuration change
activate_resp = session.post(f"{ZIA_BASE}/status/activate", json={
    "status": "ACTIVE"
})
activate_resp.raise_for_status()
print("[+] Configuration activated — all ZIA nodes will apply the update")

# Step 5: Clean up session
session.delete(f"{ZIA_BASE}/authenticatedSession")
print("[+] Session closed. Sync complete.")

Key ZIA API Endpoints

POST /authenticatedSession

Authenticate and receive session cookie. Required before all other API calls. Session expires after 30 minutes idle.

PUT /urlCategories/{id}

Replace the URLs in a custom category. Send the full domain list each time — this is an overwrite, not an append. Supports up to 100,000 URLs per category via API.

POST /status/activate

Activate pending configuration changes. Without this call, URL category updates sit in a "pending" state and are not enforced. Always call this after updating categories.

GET /urlCategories

List all custom URL categories. Use this to look up the category ID for your AI Tools Blocklist category if you do not already know it.

# ZIA API: Bulk domain upload using the URL lookup endpoint
# Useful for verifying which domains ZIA already categorizes vs. custom additions

curl -X POST "https://zsapi.zscaler.net/api/v1/urlLookup" \
  -H "Content-Type: application/json" \
  -H "Cookie: JSESSIONID=YOUR_SESSION_ID" \
  -d '[
    "openai.com",
    "claude.ai",
    "midjourney.com",
    "newaitool.com",
    "obscure-ai-assistant.io"
  ]'

# Response shows Zscaler's built-in categorization for each domain:
# [
#   {"url":"openai.com", "urlClassifications":["AI/ML Applications"]},
#   {"url":"claude.ai", "urlClassifications":["AI/ML Applications"]},
#   {"url":"newaitool.com", "urlClassifications":["Uncategorized"]},
#   ...
# ]
# Domains classified as "Uncategorized" by Zscaler are exactly why you
# need the custom URL category — they will not be blocked by default.
Logging & Reporting

Logging, Reporting, and Compliance Audit Trails

Every ZIA transaction is logged with rich metadata — giving you a complete, searchable audit trail of every AI-tool access attempt across your organization.

What Gets Logged

User identity (SAML, SCIM, directory)
Department and source device
Destination domain and full URL
Matched URL category
Action taken (block, allow, caution)
Rule that fired
Timestamp and data transferred
Exportable to SIEM via NSS

Access dashboards under Analytics > Web Insights. Filter by your custom "AI Tools Blocklist" category for trends, top users, most-accessed domains, and department breakdowns.

Transaction Logs

Full-text searchable in ZIA portal with CSV export. Every HTTP/HTTPS transaction with complete metadata.

Web Insights Dashboard

Built-in analytics with trends, top blocked domains, and department-level breakdowns. Filter by custom URL category.

NSS / SIEM Integration

Nanolog Streaming Service pushes real-time logs to Splunk, Sentinel, QRadar, or syslog for correlation and alerting.

# Splunk query: AI-tool block events by department over the last 7 days

index=zscaler sourcetype=zscalernss-web action="Blocked"
  urlcategory="AI Tools Blocklist"
| timechart span=1d count by department
| sort -count

# Splunk alert: detect user with 50+ blocked AI requests in 1 hour
# (possible circumvention attempt or automated tool)

index=zscaler sourcetype=zscalernss-web action="Blocked"
  urlcategory="AI Tools Blocklist"
| bin _time span=1h
| stats count by _time, user, department
| where count > 50
Implementation Checklist

Step-by-Step: Deploy AI Blocking in ZIA

Most deployments go from zero to full AI blocking in under two hours. Follow these steps in the ZIA Admin Portal or via the API.

1

Create Custom URL Category

In ZIA Admin Portal, go to Administration > URL Categories > Add Custom Category. Name it "AI Tools Blocklist." Populate it with domains from our feed — manually for a quick test, or via the API for production.

2

Create URL Filtering Rule

Go to Web Policy > URL & Cloud App Control. Add a rule that targets your custom category with a Block action. Scope it to the appropriate user groups, departments, and locations.

3

Enable SSL Inspection

Add an SSL inspection rule for your AI Tools Blocklist category. Deploy the Zscaler root CA certificate to managed endpoints via Client Connector, Group Policy, or MDM.

4

Configure DLP Rules

Create DLP rules that inspect content destined for AI-tool URLs. Target sensitive data dictionaries — PII, source code, financial data. This catches data leakage even to AI tools not yet in the blocklist.

5

Automate Feed Sync

Deploy the Python sync script (above) as a daily cron job. It fetches the latest domains from our API, updates the ZIA custom URL category, and activates the change — zero manual effort.

6

Verify and Monitor

Test by browsing to a known AI-tool domain from a Zscaler-connected device. Verify the block page appears. Check Analytics > Web Insights for logged events. Configure NSS to stream logs to your SIEM.

Ready to Deploy AI Blocking on Zscaler?

Download the free 500-domain sample to test in your ZIA tenant today. Or tell us your Zscaler deployment details and we will deliver a feed in the exact format ZIA expects.

Download Free Sample View Plans

Tell Us About Your Zscaler Deployment

Specify your ZIA tenant cloud (zscaler.net, zscalerone.net, etc.), number of users, and whether you need API automation. We will send a ready-to-import feed within 24 hours.