Allowlist and Denylist Settings

Last updated: March 10, 2026

Adding Domains to the Allowlist:

Screenshot 2025-09-03 at 4.32.11 PM.png

Allowlist (Site Pixel Configuration)

The Allowlist in Site Pixel Settings controls where the Vector tracking pixel is allowed to fire.

Only domains included in the allowlist can run the pixel. If a domain is not included, the pixel will not fire.

You can configure your allowlist in:

Settings → Site Pixel

This helps ensure the pixel only runs on approved domains and environments.

Why Use the Allowlist?

Customers use the allowlist to:

  • Control where their Vector pixel is active

  • Prevent the pixel from running on unauthorized or unknown domains

  • Ensure tracking only happens on approved websites or applications

  • Maintain clean and accurate tracking data

Think of the allowlist as a “pixel is allowed here” rule.

How Allowlist Matching Works

The format you enter determines what domains are allowed.

What you enterWhat gets allowed

Domain only (vector.com)

Only the root domain vector.com

Specific subdomain (www.vector.com)

Only that subdomain

Wildcard subdomain (*.vector.com)

All subdomains under vector.com

Common Use Cases

Allow a Specific Subdomain

To allow the pixel on only one subdomain, enter the full domain.

Example:

www.vector.com

This allows the pixel to fire only on that subdomain.

Other subdomains like app.vector.com or blog.vector.com will not be allowed.

Allow All Subdomains

To allow the pixel across all subdomains, use a wildcard.

Example:

*.vector.com

This allows the pixel to run on:

  • app.vector.com

  • portal.vector.com

  • blog.vector.com

  • any other subdomain under vector.com

Allow the Root Domain

If you want to allow the root domain, it must be added explicitly.

Example:

vector.com

This allows the pixel on:

  • vector.com

However, this does not automatically include subdomains like www.vector.com or app.vector.com.

Allowlist vs Denylist

If a domain or URL appears on both the allowlist and the denylist, the denylist takes priority.

This means the pixel will not fire on any URL that matches the denylist, even if the domain is otherwise allowed.

Best Practices

To ensure your pixel runs where expected:

Use wildcard notation (*) when you want the pixel to run across all subdomains.

Make sure your allowlist includes all domains where the Vector pixel should fire.

Regularly review your allowlist to remove outdated or unnecessary domains.

Denylist (Pixel Domain Verification)

The Denylist in Pixel Domain Verification allows you to prevent the Vector tracking pixel from firing on specific domains, subdomains, or URLs.

If a URL matches the denylist, the pixel will not fire, even if the domain is included on your allowlist.

This gives you precise control over where Vector tracking is allowed to run and where it is blocked.

Why Use the Denylist?

Customers often use the denylist when they want to:

  • Prevent tracking on sensitive pages (such as checkout or payment pages)

  • Exclude specific product areas or applications

  • Block tracking on third-party domains

  • Prevent the pixel from firing on internal or testing environments

Think of the denylist as a “do not track here” rule for your pixel.

What’s New

We’ve updated denylist matching to give customers more precise control over where the pixel does and does not run.

You can now block:

  • Entire domains

  • Specific subdomains

  • Individual pages or URLs

This makes it easier to fine-tune your tracking configuration without disabling tracking for an entire website.

How Denylist Matching Works

The denylist matches based on the format you enter.

What you enterWhat gets blocked

Domain only (example.com)

All pages on that domain, including www.example.com

Subdomain or wildcard (*.blocked.com)

All subdomains such as app.blocked.com and www.blocked.com

Domain + path (example.com/checkout)

Only that page. Other pages on the domain are allowed

Domain + path + query (example.com/page?utm_source=test)

Only that exact URL. Other query values are allowed

Common Use Cases

Block an Entire Domain

To stop the pixel from firing anywhere on a domain, add only the domain name.

Example:

competitor.com

This blocks the pixel on every page of that site.

Block a Specific Page

To block the pixel on just one page, add the domain plus the page path.

Example:

mysite.com/thank-you

This blocks the pixel only on that page, while allowing it to fire on other pages of the site.

Block All Subdomains

To block tracking across multiple subdomains, use a wildcard.

Example:

*.example.com

This blocks the pixel on:

Allowlist vs Denylist

If a domain or URL appears on both the allowlist and the denylist, the denylist takes priority.

In other words:

Denylist rules always win.

This ensures that anything explicitly blocked will never trigger the pixel, even if the domain is otherwise allowed.

Best Practices

To get the most out of the denylist:

  • Use domain-level rules when you want to block an entire website.

  • Use path-level rules to block sensitive pages like checkout or confirmation pages.

  • Use wildcards when blocking multiple subdomains.

  • Review denylist entries periodically to ensure tracking is configured as intended.

If you need help configuring your pixel verification settings, reach out to Vector Support at support@vector.co