• @Passerby6497
    link
    English
    117 months ago

    Doing so at the dns layer is a much better option, as it prevents the end user or malware from bypassing those restrictions with a non-standard browser or modifying the client settings (which shouldn’t happen, but can).

    In an enterprise environment, which is exactly what this is aimed at, that kind of protection is a boon against the random shit end users click on.