Wifi Network: Blocking Adult Content

I was looking for ways about how to generally block most adult content for users who connect to a WiFi network. My Internet searches have not been fruitful, but I found articles that mentioned business that do and do not block content on their WiFi networks.

Thanks for the help guys!

Over half of free WiFi hotspots don't filter adult content - Recombu

Find more posts tagged with

SAVE $250 on Your Boot Camp — Use Code "EXAM26"

Exclusively for TechExams members for Infosec Boot Camps starting before April 30, 2026

View Boot Camps

Comments

ajs1976

The meraki devices I have has a setting to block adult content but I have not tested it. Normally, I would expect to use that function on the router/firewall not on the wireless access point.

CoolAsAFan

Couldn't you just use a firewall/proxy?

docrice

I seem to recall cases where someone used a transparent Squid proxy and integrated a URL-based categorization engine, perhaps something like this:

https://www.untangle.com/store/web-filter-conf.html

DevilWAH

This makes me think of websence or any other URL filtering appliance. There not on the wireless but put either inline or via a monitor tap to look at the traffic and compare it to URL filter list.

There are a load of companies out there with products like this, most have a centralize database that is downloaded at regular intervals. and they range from £100's to £1000's depending on features. Or there are even free databases if you look for them but I not sure what guarantee you have they are accurate.

Checkpoint, Cisco and Websence are the three I have dealt with, however there are many more. If you only want to filter wireless traffic then thats simple to set up. and like every thing in IT there as many ways to skin that cat.

Qord

I block them at home by using opendns dns servers. Not sure if that's a viable option for what you want to do, and there are definitely easy ways around it if someone is curious enough to search for it.

--chris--

Qord wrote: »

I block them at home by using opendns dns servers. Not sure if that's a viable option for what you want to do, and there are definitely easy ways around it if someone is curious enough to search for it.

Very cool stuff, I never knew that existed!

filkenjitsu

Guys, looks like OpenDNS will be the option for me to use. I can setup the OpenDNS ips in any wireless router and setup the filtering at the DNA end. This is a free solution for home users.

Cert Poor

You guys beat me to the OpenDNS suggestion. It's definitely the fastest "keep it simple" solution. To be effective, you'd have to block all other DNS requests from going outbound or tech savvy users can just override DNS settings.

For everyone's quick reference, the OpenDNS FamilyShield servers are:

208.67.222.123
208.67.220.123

Those automatically block adult content without any configuration or account needed.

The regular servers are:

208.67.222.222
208.67.220.220

I definitely like the built-in phishing/malware protection, so I've switched over my home devices to 100% strict OpenDNS. I don't have an account and don't see the need to do categorical filtering for my needs.

EV42TMAN

Hopefully the openDNS option works out for you, but just in case it doesn't here is a few other options.

Meraki- Their wireless APs have adult content filtering and it works, but the access points are expensive and it doesn't cover the whole network, only the wireless network.

Watchguard/Sonicwall/Cisco/Any Major Firewall provider- They all have services to dynamically block content and on all of them they are an extra yearly subscription fee. On Watchguard its called Web Blocker, on Cisco its called WebSense, on SonicWall its called... I can't remember because I hate working with Sonicwall firewalls, but you get my point.

If it's for a business that has departments/people with different needs, I'd recommend the firewall approach because if gives you more granularity in the configuration and centralized management on it's implementation. The openDNS solution is more of a all or none approach that can be side stepped by manually typing in 8.8.8.8.

filkenjitsu

Thanks guys! Very small non-profit with 4 to 10 users max at one time.

No one tech savvy that should not have unfiltered access anyways.