ESET Online Help

Search English
Select the topic

How to add URL mask

See the instructions in this dialog before you type the desired address/domain mask.

ESET Endpoint Antivirus enables you to block access to specified websites and prevent the internet browser from displaying their content. You can also specify addresses, which should be excluded from checking. If the complete name of the remote server is unknown, or the user wants to specify a whole group of remote servers, so called masks can be used to identify such a group. The masks include the symbols “?” and “*”:

  • use ? to substitute a symbol
  • use * to substitute a text string.

For example *.c?m applies to all addresses, where the last part begins with the letter c, ends with the letter m and contains an unknown symbol in between them (.com, .cam, etc.).

For instance, the mask *x? denotes any address with x as the last but one character. To match the whole domain, type it in the form **. Specifying protocol prefix http://, https:// in the mask is optional. If omitted, the mask will match any protocol. A leading "*." sequence is treated specially if used at the beginning of domain name. First, the * wildcard does not match the slash character ('/') in this case. This is to avoid circumventing the mask, for example the mask * will not match (such suffix can be appended to any URL without affecting the download). And second, the "*." also matches an empty string in this special case. This is to allow matching whole domain including any subdomains using a single mask. For example the mask * also matches Using * would be incorrect, as that would also match


Information and Warning logging verbosity is available only for rules which contain at least two components without wildcards within the domain. For example:

  • **
  • **