Preflight checks
Problem or motivation
Windscribe currently allows hostname and IP-based rules in Split Tunneling, but hostname entries require exact matches.
Many modern websites and services rely on numerous subdomains. When a user needs a service to bypass the VPN, they must manually identify and add every hostname used by that service to the exclusion list.
For example, a service may use:
example.com
api.example.com
cdn.example.com
auth.example.com
assets.example.com
This creates several problems:
- The exclusion list becomes unnecessarily large and difficult to manage.
- Users must inspect network traffic to discover all required hostnames.
- If the service introduces new subdomains in the future, the split tunneling configuration breaks until the new hostnames are manually added.
- Maintaining exclusions for large services becomes cumbersome and error-prone.
A wildcard-based approach would significantly simplify configuration and improve reliability.
Proposed solution
Add support for wildcard hostname matching in Split Tunneling rules.
For example, allowing users to enter:
*.example.com
Behavior:
- *.example.com should match example.com itself.
- *.example.com should match all subdomains, including:
- api.example.com
- cdn.example.com
- auth.example.com
- assets.example.com
- Any future subdomains added by the service.
- Matching traffic should follow the configured Split Tunneling behavior (Exclude or Include mode) exactly as existing hostname rules do.
- Wildcard rules should coexist with existing exact hostname and IP rules.
This would provide a much simpler and more maintainable way to configure hostname-based split tunneling.
Alternatives considered
Manually adding every hostname
This is the current workaround. However, it requires users to discover and maintain a potentially large list of hostnames. The configuration can easily break when a service adds or changes subdomains.
Using IP-based rules
Many services use multiple IP addresses, CDNs, load balancers, and cloud infrastructure. IP addresses can change over time, making IP-based exclusions difficult to maintain and often less reliable than hostname-based rules.
Continuously monitoring network requests
Users can inspect browser developer tools or network traffic and keep updating their Windscribe rules whenever new hostnames appear. This is time-consuming, error-prone, and not practical for most users.
Supporting wildcard hostnames would provide a cleaner, more robust, and easier-to-manage solution.
Which platforms should this apply to?
All platforms
Additional context
No response
Preflight checks
Problem or motivation
Windscribe currently allows hostname and IP-based rules in Split Tunneling, but hostname entries require exact matches.
Many modern websites and services rely on numerous subdomains. When a user needs a service to bypass the VPN, they must manually identify and add every hostname used by that service to the exclusion list.
For example, a service may use:
example.com
api.example.com
cdn.example.com
auth.example.com
assets.example.com
This creates several problems:
A wildcard-based approach would significantly simplify configuration and improve reliability.
Proposed solution
Add support for wildcard hostname matching in Split Tunneling rules.
For example, allowing users to enter:
*.example.com
Behavior:
This would provide a much simpler and more maintainable way to configure hostname-based split tunneling.
Alternatives considered
Manually adding every hostname
This is the current workaround. However, it requires users to discover and maintain a potentially large list of hostnames. The configuration can easily break when a service adds or changes subdomains.
Using IP-based rules
Many services use multiple IP addresses, CDNs, load balancers, and cloud infrastructure. IP addresses can change over time, making IP-based exclusions difficult to maintain and often less reliable than hostname-based rules.
Continuously monitoring network requests
Users can inspect browser developer tools or network traffic and keep updating their Windscribe rules whenever new hostnames appear. This is time-consuming, error-prone, and not practical for most users.
Supporting wildcard hostnames would provide a cleaner, more robust, and easier-to-manage solution.
Which platforms should this apply to?
All platforms
Additional context
No response