The internet we use every day in our life is built in the United States as an internal usage at the very beginning, and it is designed to use ASCII only. So, the URL can be constructed by the characters listed in the ASCII only, which includes the 26 capital and lowercase letters in English and some of the common punctuations. But, some of the languages use the letter with phonetic symbols, or even the languages use the entirely different characters as Latin characters, such as Arabic, Chinese, Hebrew, Japanese and Thai. There is a new encoding system called Unicode which contents so many characters from the different languages and is still growing time by time. So, in order to present the URL with more languages, there is a new URL construct method called "Punycode" to use the limited ASCII character to present the Unicode.
However, this may cause some security issue. We can find the letters are extremely similar to another one in the different language, it is a possible that some bad guys constructed a website, and set the URL similar to a well-known website intentionally. The user may not recognize the different of the URL then access to the fake website, so your personal information like name, phone number, address, birthday or credit card number may leak to the bad guys.
Fortunately, there is a simple method that we can block all the websites which are using Punycode to construct their URLs to avoid such risk. The URL will start with "xn--" to declare it is using Punycode, so we can set up the URL Content Filter and DNS Filter to block the URLs which content "xn--".
Here are the settings should be configured:
1. Set a Keyword Object with content "xn--"
2. Set a URL Content Filter profile, to block the URL which contents the code we set in step 1
3. Set a DNS Filter profile, to filter the DNS request by the URL content filter we set in step 2
4. Set a Firewall Rule profile, to filter the connection by the rule we set in step 2 and 3
Related application notes:How to block a HTTPS website by URL Filter and DNS Filter?[Vigor3900] How to block a HTTPS website (e.g. Facebook) with URL Content Filter?
Note:Most of the browsers have fixed this issue by display the URL by the original ASCII instead of Unicode characters on their latest version, so the user may not be confused by the similar URL.
The scope of application of privacy protection policy
Personal data collection, processing and use
When you visit this website or use the functional services provided on this website, we will ask your necessary personal information and use it within that specific purpose; without your agreement in writing this website will not use your personal data for any other purpose.
When you use interactive features such as mailboxes and surveys, this site will retain your name, e-mail address, contact information and usage time.
In normal browsing, the server will record the relevant actions, including the IP address of the device you are using, the time of use, the browser you are using, the browsing and data logging, etc., as a reference for our website services. This record for internal applications will not be announced.
Statistics and analysis of collected questionnaires, statistics or descriptive text of the results will be provided for accurate service. In addition to internal research, statistical data and descriptive text will be published if it is necessary. The information published excludes information on specific individuals.
The protection of information
The website hosts are equipped with firewall, anti-virus system and other related information security equipment and the necessary security measures to protect the site and your personal information with strict protection measures. Only authorized personnel can access your Personal data. The relevant processing personnel are signed confidentiality contract, if there is breach of confidentiality obligations, will be subject to the relevant legal punishment.
In the event that it is necessary to entrust other units to provide services for business purposes, the Site will strictly require compliance with the confidentiality obligations and take the necessary inspection procedures to ensure that it will comply.
External links to the site
The policy of sharing personal information with the third party
This website will not provide, exchange, rent or sell any of your personal information to other individuals, groups, private enterprises or public agencies. However the legal basis or contractual obligations are excluded.
The foregoing proviso includes, but not limited to:
The use of Cookie