Content filter for a hotspot?

By pyromaster114
Jul 21, 2010
Post New Reply
  1. Okay so my friend owns a coffee shop. She has attracted many customers by offering free wifi in her shop.

    Lately though, as usual, someone had to go and ruin it for everyone else, and start using that as their porn surfing location... so now my friend wants to implement some sort of content filter box so that she doesn't have to deal with people doing that.

    So does anyone have any experience with this type of thing?
    Could anyone recommend anything?

    We're also interested in adding a Terms of Service page that you have to click 'I Agree' on before surfing.

    Currently the only equipment in use is the cable modem and the aging Linksys wireless router... so I assume we're going to need some more equipment.

    EDIT: Some people on my other favorite tech site have recommended that I look into something called OpenDNS... does anyone know anything about it?
  2. jobeard

    jobeard TS Ambassador Posts: 13,026   +221

    OpenDNS is a controlled DNS so that junk doesn't get in and redirections are not possible.

    Trivial to implement.

    1) you need the login/password for your router
    2) access the router address using your browser & login
    3) set the OpenDNS addresses into the DNS settings

    208.67.222.222 AND
    208.67.220.220​
    4) save the settings which will restart the router​
    after that, every system will use the OpenDNS addresses when then connect to that router.

    From any system connected, you can prove this is working with run->cmd and enter
    ipconfig /all​
    you will see
    DNS Servers . . . . . . . . . . . : 208.67.222.222​

    will follow-up on the porn issue ...
  3. jobeard

    jobeard TS Ambassador Posts: 13,026   +221

    Content Filtering

    depending upon the Linksys model, you can FILTER URLS

    login with user/password for that router

    set Keyword Fliters; eg:
    porn
    xxx
    .....​
    which will deny access to any URL containing the fragment pron or xxx
    of course you can add several other phrases, but limit to word fragments not whole words
    eg porn and not pornography
  4. jobeard

    jobeard TS Ambassador Posts: 13,026   +221

    Yea, that requires a server on the back end

    Hotels frequently use that technique

    wifi ==> connection ==> forward everything t0 ==>server
    <===== terms of service display
    ======>accept conditions
    <===== reset forward condition
    wifi ====> next input ===> to router & not the server
  5. jobeard

    jobeard TS Ambassador Posts: 13,026   +221

  6. pyromaster114

    pyromaster114 TechSpot Maniac Topic Starter Posts: 395

    Thanks for your help.

    Since I won't be able to convince them to have a server to do the "I Agree" thing... we'll scrap that idea for now, but the openDNS thing seems to be something that would work for the content filter aspect... so hopefully that will solve the main problem... and she can simply post a sign in the shop if she wants to post a terms of service thing. (A sheet of paper is so much cheaper than a computer. lol)
  7. jobeard

    jobeard TS Ambassador Posts: 13,026   +221

    I was going to suggest that path :wave:
    After all, it can't be enforced either :sigh: and it gets expensive

    btw: PLEASE PLEASE PLEASE, change the login password
    unless you would like someone like me to visit the site and take control of the router
    (naaa, I would not but there those that would just love to!).

    Make the password complex (Upper, Lower, numbers & '#&*_+=' chars)
    but also related to the site

    eg:
    #BusinessNameNNN-MMM*
    where NNN is the street Address
    & MMM is the suite number

    easy to document and/or remember :)
  8. pyromaster114

    pyromaster114 TechSpot Maniac Topic Starter Posts: 395

    I will instruct her to change the password, and if at all possible, enforce that she does it. (She goes "oh no one will mess with it..." but I'll point out she said "Oh no one will look at porn..." and look where we are now)
  9. jobeard

    jobeard TS Ambassador Posts: 13,026   +221

    btw: OpenDNS only ensures that the DNS does not get highjacked.

    Placing four-letter keywords into the router KeyWord Filtering is how to stop the porn.
  10. pyromaster114

    pyromaster114 TechSpot Maniac Topic Starter Posts: 395

    OpenDNS also offers a service for content filtering now if you enable it.
    It only requires that you have a static IP, which the shop does oddly enough.
  11. jobeard

    jobeard TS Ambassador Posts: 13,026   +221

    Superb :wave:

    If at all possible, go onsite and help out.

    PS: see PM for keyword filtering ...
  12. pyromaster114

    pyromaster114 TechSpot Maniac Topic Starter Posts: 395

    Having a problem... the linksys router is not letting me block keywords... or website URLs for that matter.
    It's just letting them through. I have the access restriction policy enabled and everything. I even set the range of IPs in there to everyone (all IPs that are possible on the class C network lol)

    It just doesn't want to work.
  13. jobeard

    jobeard TS Ambassador Posts: 13,026   +221

    hmm; get me the model number of the Linsys please; it should be there - - do you see the page for keyword restrictions?
     
  14. pyromaster114

    pyromaster114 TechSpot Maniac Topic Starter Posts: 395

    Okay I figured out what was wrong.

    URLS must be entered www.site.com. Not http://www.site.com
    Keywords must have NO punctuation in them and be only one word per box

    Also, it doesn't let me restrict a certain section of a site. I really would like to have that capability. (example: www.site.com/section1/ should be allowed, and www.site.com/section2/ could be blocked.)

    Now, if I enter that, it doesn't block any part of the site. Just lets it through.
    OpenDNS only blocks domains, so again it can't help with that.
  15. jobeard

    jobeard TS Ambassador Posts: 13,026   +221

    imo; stick with keyword blocking and don't use the OpenNDS feature:
    • porn sites move domain name frequently
    • too many to be effectively controlled anyhow
    • blocking a keyword is more generic (ie can be anywhere in the URL)
    • doesn't care about the domain name(s)
    • few KWs then manage many possible urls :)
  16. pyromaster114

    pyromaster114 TechSpot Maniac Topic Starter Posts: 395

    The OpenDNS feature is working marvalously actually for our purposes.

    It's very thorough, and hasn't blocked anything stupid yet, with one exception, which I totally understand why it did it.

    It blocked my other favorite technology board... 4chan /g/. (Usually it's actually quite good... despite the occasional onslaught of spam posts... I like the battlestation threads... if no one knows what I'm talking about, ignore me I guess...)
    Well I totally understand why it did that... it's on the same server/domain as the REST of 4chan... which isn't so nice.
    Now, no one here besides me knows 4chan exists (silly hick town...)... so I just whitelisted it for now.

    I would like to eventually have the capability to block sections of sites though.

    It will work for now like this, but I was wondering if anyone had an idea how to do that.
  17. jobeard

    jobeard TS Ambassador Posts: 13,026   +221

    I believe that the OpenDNS implementation is for DOMAINS and not full-ulr-page-references,
    so it will be all or nothing.


Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...


Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.