I’m assuming if you’re reading this you’ve got a tablet or phone that you’re giving your kid to use and want to block pornographic sites from. This article only covers local network connected or WiFi-only devices as once you’re connected to a cell phone carrier the carrier dictates DNS resolution and that’s what we’re going to change.
This blocks accidentally going to a known porn site. A determined teenager who’s smart enough is going to find a way around anything you don’t have to pay for (and even that sometimes,) so remember this is primarily for blocking innocent accidental access of adult sites.
We’ll be using OpenDNS and your WiFi router to do the blocking.
What is DNS?
The first thing you’re going to need to understand is that every website out there is simply a series of four digits. For example, theITbaby is 18.104.22.168 as of this writing.
These numbers are how your browser manages to tunnel through the internet and find our website. All websites are like that, but rather than telling you to type in those numbers you visit a human-readable address of “theitbaby.com”.
DNS stands for Domain Name Service (or server, or system), and your ISP generally gives you a couple of these via a thing called DHCP (dyanamic host configuration protocol). You can think of DHCP as the reason your device works without you having to type in a bunch of numbers in some network settings area.
How do we block pornographic sites?
What we’re going to do today is use a free DNS server called OpenDNS that when you ask it for a porn site redirects you to a landing page that tells you that site is blocked.
It’s not infallible, and doesn’t block things like Google Image Search, where you can find some pretty horrible stuff far enough in if you’ve got safesearch turned off and are looking up Grumpy Cat.
What we’re going to do is configure your WiFi router to give out two DNS server addresses from OpenDNS to any device that attempts to connect to it.
Configuring the WiFi/router
OK, so there are seven major brands of WiFi routers, each with years worth of updates, menu changes, etc. I can’t give you every single method of configuring these, but if you’re reading this chances are you’re a bit more tech savvy and can figure it out.
We’re assuming your setup is Cable Modem -> WiFi router -> computers and devices.
First off, access the router’s configuration page. This is usually at http://192.168.1.1 or http://192.168.0.1 – if it’s not at either of these, you’ve probably either set it up yourself or it’s a 10.x.x.x address.
You can find what your router’s local address is by running a command window and typing ipconfig /all. You’ll see something like below if you’re running Windows, slightly different in a terminal server on Mac.
That should be your WiFi access point, although with mine it’s a non-standard 10.x address. You should see 192.168.something.something.
Changing the LAN settings
What you’re going to do is find a section usually named LAN Setup (do not touch WAN setup). You’ll find it on most routers along with a checkbox that says “function as a DHCP server?” and some numbers for the local addresses.
You need to specify what DNS Servers you want to give to the local area network. (DNS numbers next section down) Make sure you only modify DNS servers and nothing else. There should be a space for at least two DNS servers and usually a third.
On a Netgear Genie setup you’ll go to Advanced, setup, internet setup, and under the DNS radio setup you’ll enter in the new DNS servers. Click save, then this should block any innocent access to most porn sites for all who are connected to the router.
You’ll need to power cycle any connected device, or refresh the DHCP information in order to be using the new DNS servers.
On Windows you can open a command prompt and type in “ipconfig /release” press enter, then “ipconfig /renew” and you’ll be on the new DNS servers if everything went right.
You can verify it worked by attempting to go to a an adult-oriented site such as Fark’s Boobie page and you should get that the site is blocked, or worst case scenario you see links to sites with no images attached.
What are the DNS numbers?
The OpenDNS numbers for OpenDNS Family Shield are 22.214.171.124 and 126.96.36.199.
It’s a free service, or you can pay $19.95 for more bells and whistles such as customized filtering for porn, academic fraud, social media, etc. So if you want Susie to be blocked from this and Tommy to be blocked from that, you can get some specificity.
Ways around this?
You can type in the IP address and that completely bypasses DNS resolution. You can use a proxy server and that can bypass DNS. You can go to a site that OpenDNS doesn’t know about. You can disconnect a phone from the WiFi and connect to 3G, 4G etc and now you’re using their DNS servers. You could plug your wired computer into the cable modem and get around the WiFi router DNS. On Windows you can specify that you get an IP address via DHCP but use your own DNS servers. Plenty of ways. This is free.
However, if you’re trying to stop a determined teenager, this is not for you. This is for attempting to stop an eight year old who typed in whitehouse.com when they wanted whitehouse.gov from landing on a porn portal.
Problems with this?
This still doesn’t restrict kids from wandering into a chat room, or accidentally seeing something they shouldn’t. You’re going to need to monitor them as last I checked most sites are only a few clicks from pornographic content.