diff --git a/lib/onebox/engine/whitelisted_generic_onebox.rb b/lib/onebox/engine/whitelisted_generic_onebox.rb
index 1ea9a90892f..e711b960c9b 100644
--- a/lib/onebox/engine/whitelisted_generic_onebox.rb
+++ b/lib/onebox/engine/whitelisted_generic_onebox.rb
@@ -1,10 +1,12 @@
+require "ipaddr"
+
 module Onebox
   module Engine
     class WhitelistedGenericOnebox
 
       # overwrite the whitelist
       def self.===(other)
-        true
+        other.is_a?(URI) ? (IPAddr.new(other.hostname) rescue nil).nil? : true
       end
 
       # ensure we're the last engine to be used
diff --git a/spec/components/onebox/engine/whitelisted_generic_onebox_spec.rb b/spec/components/onebox/engine/whitelisted_generic_onebox_spec.rb
new file mode 100644
index 00000000000..f6d8c38840b
--- /dev/null
+++ b/spec/components/onebox/engine/whitelisted_generic_onebox_spec.rb
@@ -0,0 +1,18 @@
+require 'rails_helper'
+
+describe Onebox::Engine::WhitelistedGenericOnebox do
+
+  describe ".===" do
+
+    it "matches any domain" do
+      expect(described_class === URI('http://foo.bar/resource')).to be(true)
+    end
+
+    it "doesn't match an IP address" do
+      expect(described_class === URI('http://1.2.3.4/resource')).to be(false)
+      expect(described_class === URI('http://1.2.3.4:1234/resource')).to be(false)
+    end
+
+  end
+
+end