Plucky rules change what you are able to access over the Internet, and which programs are allowed to access the Internet. They live in your Plucky configurations, and they always contain one of allow, block, blot, or flee, or one of unallow, unblock, unblot, or unflee.

Recall that rules can be added in one of 3 places.

Example Rules

Here are some example Plucky rules in textual form:

block image/
allow example.com
allow 127.0.0.1
block facebook.com
flee word:pizza

The above 5 rules tell Plucky to block images by default, to allow all content from example.com or 127.0.0.1, to block facebook.com, and to flee any website containing the word “pizza”.

A rule consists of an action, a context, and optionally a when modifier.

How to add a rule

A rule can be added in the browser, in a console, or on the user site.

How to remove a rule

A rule can be removed in the browser, in a console, or on the user site.

Action

All rules contain an action that is either allow, block, blot, or flee.

allow
allow some specific context
block
block some specific context
blot
block imagery on a webpage
flee
flee a word or website
unallow
undo an allow rule
unblock
undo a block rule
unblot
undo a blot rule
unflee
undo a flee rule

allow

allow example.com

block

block example.com

blot

blot word pizza
blot word spaghetti sauce

The blot action instructs Plucky to block imagery on webpages containing the indicated words.

flee

flee host obviouslybad.com
flee url https://example.com/obviously-bad
flee word pizza
flee word spaghetti sauce

The flee action is similar to block, but stronger. While block will block access to a particular host or url, flee will block any webpage that even contains a hyperlink to a particular host or url or that contains a certain word. Generally, you use flee when the thing being fled is so obviously bad that any site that even mentions the term is probably also bad and worth blocking.

One may flee the following 3 contexts:

  1. hosts
  2. urls
  3. words

Context

A context can be a hostname, ipv4 address, ipv6 address, port, program name, media type, url, username, word (flee rules only), one of the special terms everything or otherwise, or some combination of these contexts.

host

allow example.com
block bb.example.com
allow .edu

A rule for a host automatically affects all subdomains of that host. A top-level host must be qualified with host or with an explicit . E.g., allow .edu.

ipv4

allow 192.168.1.1
allow 192.168.1.0
allow 192.168.0.0

IP addresses ending in 0 affect the entire subnet.

ipv6

allow ::1

port

block port 80

A port requires an explicit port qualification. E.g. allow port 22

protocol

block protocol wss
block protocol about

A protocol can be used to block some non-https urls in the browser. E.g., wss:, ws:, about:, etc.

program

block program calc.exe
allow program C:\Program Files\Visual Studio\code.exe
block program C:\Program Files\Visual Studio\code.exe
allow program /bin/curl

A program filename, a file system directory, or a full program pathname may be used.

See also nhb.

mediaType

block image/
allow image/svg

Either major media types or full media types can be used. See media types.

user

allow user susan
block user edmund

The user name must match that of a user on the local computer.

url

allow http://example.com/a/b/c
block http://example.com/a/b

A rule for a urls automatically affects all suburls.

word (blot and flee rules only)

flee word pizza
flee word spaghetti sauce

See flee

everything

block everything

The everything context can be used to allow or block everything. This is sometimes called a blackout (block everything) or whiteout (allow everything).

otherwise

allow otherwise

The otherwise context can be used to specify what Plucky should do when no more specific context matches.

Precedence

When more than one rule can be applied, which one has precedence?

Rule priority is not baked in stone, but roughly speaking, the more specific rule should win. Let’s look at some examples.

Example 1 : youtube.com vs www.youtube.com

block youtube.com
allow www.youtube.com

Will https://www.youtube.com/ be blocked or not given the above two rules?

Short Answer: The main web page, https://www.youtube.com/ will not be blocked because allow www.youtube.com is more specific than block youtube.com.

Longer answer: Some sub-resources may be blocked, because some sub-resources may come from https://api.youtube.com/ , and allow www.youtube.com is irrelevant to api.youtube.com, but block youtube.com is relevant, and will instruct Plucky to block.

Advice: Avoid adding rules for both a domain and its subdomain (e.g., for youtube.com and www.youtube.com) because the result is almost never what you want. The main exceptions to this are huge sites such as google.com that has accounts.google.com, mail.google.com, store.google.com, etc.

Example 2 : https://www.youtube.com/ vs youtube.com

block youtube.com
allow https://www.youtube.com/

Will https://www.youtube.com/ be blocked or not given the above two rules?

It will be allowed, not blocked, because a url rule is more specific than a host rule.

Advice: Do not mix url and host rules. If you want to block or allow an entire host, then use a host rule, but if you want to allow some urls, but not others on a given site, then use only url rules for that host.

Example 3 : https://www.youtube.com/ vs https://www.youtube.com/watch

allow https://www.youtube.com/
block https://www.youtube.com/watch

Will https://www.youtube.com/ be blocked or not given the above two rules?

https://www.youtube.com/ won’t be blocked, but https://www.youtube.com/watch?v=ZpNGsZvM7VY will be blocked.

Example 4 : program vs url

allow program chrome.exe
block https://www.youtube.com/

Will youtube be allowed?

In Chrome, yes, https://www.youtube.com/ will be allowed because the allow program chrome rule is high priority.

Example 5 : user vs url

allow user jon
block https://www.youtube.com/

Will youtube be allowed?

For jon, yes, https://www.youtube.com/ will be allowed because the allow user jon rule is high priority.

Example 6 : everything vs url

allow everything
block https://www.youtube.com/

Will youtube be allowed?

Yes, because allow everything is nearly the highest priority rule possible, second only to block everything.