7,023 questions
A domain suffix is automatically added to anything you type in the browser to search as default if we don't mention the TLD for FQDN.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(217.60000000000002, 65%, 31%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ES%3C/text%3E%3C/svg%3E)
SAM2023
31
Reputation points
Hi
A domain suffix is automatically added to anything you type in the browser to search as default if we don't mention the TLD for FQDN.
e.g. (let's assume my internal domain suffix is xyz.com and this is purely for internal purposes and the domain is not used externally or is owned by me).
The issue I am facing is when I search anything in the browser let's say for e.g. (http://jhht) and if I don't specify the TLD (e.g. .com or .org), it adds my domains suffix to it. so now it's treated as jhht.xyz.com and resolves to that webpage.
If the webpage is malicious then there are chances of malware infection.
tried blocking the xyz.com domain via proxy, the proxy only blocks if it's an FQDN and doesn't block anything that does not have an FQDN. We use the Force Point proxy.
please let me know if there is any way by which a suffix is not added by default to your browser address while searching something.
This is an on-premise domain implementation and not azure.
Thanks
Simon
Windows for business | Windows Client for IT Pros | Directory services | Active Directory
Windows for business | Windows Server | Devices and deployment | Set up, install, or upgrade
{count} votes
-
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(278.4, 57.00000000000001%, 36%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESS%3C/text%3E%3C/svg%3E)
Shashi Shailaj 7,631 Reputation points Microsoft Employee Moderator2021-10-18T08:09:30.243+00:00 Can you check the following registry keys and see if the DNS suffix search list contains the appended domain name ? Try removing it from there and checking ?
HKLM\System\CurrentControlSet\Services\TCPIP\Parameters\SearchList
Sign in to comment
Sign in to answer