diff --git a/4.2.3-uMatrix.md b/4.2.3-uMatrix.md index 8de7b4b..3ae1957 100644 --- a/4.2.3-uMatrix.md +++ b/4.2.3-uMatrix.md @@ -1,6 +1,6 @@ :small_orange_diamond: **Block TLDs** -There are [over 1,500 TLDs in existence today](https://www.icann.org/registrar-reports/accredited-list.html), many of which widely abused - see [this](https://krebsonsecurity.com/2018/06/bad-men-at-work-please-dont-click/) Krebs on Security article. Also [this](https://krebsonsecurity.com/2018/03/omitting-the-o-in-com-could-be-costly/) one. Blocking TLDs can be overly broad and akin to playing whack-a-mole. A more precise and effective strategy is to use uMatrix / uBlock Origin in hardened configurations. +There are [over 1,500 TLDs in existence today](https://www.icann.org/registrar-reports/accredited-list.html), many of which are widely abused - see [this](https://krebsonsecurity.com/2018/06/bad-men-at-work-please-dont-click/) Krebs on Security article. Also [this](https://krebsonsecurity.com/2018/03/omitting-the-o-in-com-could-be-costly/) one. Blocking TLDs can be overly broad and akin to playing whack-a-mole. A more precise and effective strategy is to use uMatrix / uBlock Origin in hardened configurations. Example: blocking [.cm](https://en.wikipedia.org/wiki/.cm) which is the [ccTLD](https://en.wikipedia.org/wiki/Country_code_top-level_domain) for Cameroon. Note: you will need both lines if you allow 1st-party (`* 1st-party * allow`), as the way uMatrix works, narrow rules win over broader rules.