Block websites having ssl cached in browser

Hi there,
I am trying to block youtube.com in my home network.
For that, I am using below rule:

drop tls any any -> any any (msg:"ssl/tls certicate from youtube.com"; flow:established,to_server; tls.sni; content:"youtube.com"; nocase; endswith; tls.store; sid:128280;)

Blocking works if I test it using curl -I https://www.youtube.com
But, in browser, if I already had youtube.com opened before enabling above rule, then I can continue using youtube until I reset my browser to default (clear browser data).
What I want is to block ‘youtube.com’ entirely after enabling suricata rule.
Any pointer regarding same will be really helpful.

Edit:
Version Info:

This is Suricata version 6.0.1 RELEASE

Distributor ID:	Debian
Description:	Debian GNU/Linux 10 (buster)
Release:	10
Codename:	buster

Thanks,

Have you tried blocking DNS request? Based on your description it’s suitable for your intent.