After using Obsidian for personal use, I’d like to use it at work for my work notes.
In order to do that, I need approval from our InfoSec team, and they may not approve it because sync is a feature.
Is there a sync domain name they can block or a way to prevent sync from being accessible for the app?
Sync is a core plugin that you can turn off.
The question is how to block/prevent it from being turned on, so that the security department can allow the app to be installed.
@falcon you may find information here from Whitenoise. Your team can likely block it via a proxy server. Proxy setting - #2 by WhiteNoise
Thanks for the link. Unfortunately, it looks like the url’s are a bit too broad. I work for a tech company, we can’t block github 
I was hoping that somebody would be able to point out a more restrictive url pattern to block like sync.obsidian.md, etc, but I haven’t been able to uncover any extra domains. I’ve searched for issued certificates, but that only turned up a wildcard cert, and random nslookup queries haven’t found anything useful.
The main thing I’m seeing is a .obsidian/core-plugins.json file in the root of the vault that gets an entry for sync when enabled, but that’s going to require them to write powershell automation to block, when a url is going to be much easier and cleaner.
fwiw, it looks like I’m going to have to ask them to block publish.obsidian.md as well.
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.
block sync-xx.obsidian.md xx going from 00 to 99