APLawrence.com -  Resources for Unix and Linux Systems, Bloggers and the self-employed

Web Content Filtering

© May 2009 Anthony Lawrence

Goofing off on the Internet. The vision of employees wasting valuable time on the web haunts some employers. When I'm asked about preventing such abuse, I always explain that we can certainly record and even control internet access, but my experience has been that it's usually a non-issue. That is, "bad" employees will goof off one way or another, whether it's long bathroom breaks, chatting at the water cooler, personal phone calls or browsing the Internet. Most workers don't abuse any of those things. Whenever I put in a proxy server, those facts soon become very evident and management usually abandons the filtering quickly (or at least stops looking at reports!).

Now we have someone saying that "cyberloafing" (Internet goofing off ) can be a good thing. Actually, that doesn't surprise me. When I ask if management minds employees attending to some personal business while at work, most admit that they really don't mind at all. They understand that we all live in a very pressured world and that the demands of work can sometimes leave very little time for personal needs. It's only reasonable to expect that employees will need to do some of that at work. It's also obvious that we all need short mental health breaks now and then - we can't fully concentrate on work constantly.

Some workers she surveyed said they felt the boundary between work and life is becoming increasingly blurred, with growing expectations of being available online for work at home. As a result, workers feel justified in shopping, banking and paying bills online at work and are therefore less resentful of being expected to carry out work duties outside office hours.

Using the Internet for personal use at work may also reduces stress for employees, giving them mini breaks that can potentially make them more productive, she suggests.

I have to meet with a customer this week to set up a transparent proxy. We've had the "you probably won't use this" conversation, but he still wants it done. That's OK: it's entirely possible that his situation is different and that he truly needs this. He's using a router that has this capability built in so it's very simple to turn this on for a trial. If he finds it useful, he can subscribe to the service. If not, we'll just shut it off.

Just after typing that paragraph, I accidentally came across OpenDNS.com. I wasn't looking for web content filtering; this was truly a happenstance discovery. The more I looked at what they have to offer, the more convinced I became that this is what to show to my customer.

Use OpenDNS

First, this is free. It's ad supported - when a site is mistyped or blocked, they display ads. That's hardly objectionable and could even be helpful when you are looking for something that used to exist but doesn't now. More importantly, the configuration is a very simple Web interface - he can set the level of filtering, add specific sites to block or unblock - the only feature this doesn't have that the router can offer is different filtering for different users and a password bypass. OpenDNS does offer tracking, though again they can't track individual machines unless they are using public ip addresses as the router software could. However, at least for testing purposes, this is simple and quick to implement and manage.

If it turns out that he wants more, we can do the router solution. If he decides he wants nothing, their phishing protection still adds value. Sounds like a plan!

Got something to add? Send me email.

(OLDER)    <- More Stuff -> (NEWER)    (NEWEST)   

Printer Friendly Version

-> Web Content Filtering:


Inexpensive and informative Apple related e-books:

Sierra: A Take Control Crash Course

Take Control of Automating Your Mac

Take Control of the Mac Command Line with Terminal, Second Edition

Take Control of iCloud

Take Control of Apple Mail, Third Edition

More Articles by © Anthony Lawrence

Wed May 13 14:28:49 2009: 6357   NickBarron

OpenDNS can be very good, though I find it can be a real pain sometimes as well. Let me know how it goes :)

Wed May 13 16:01:57 2009: 6358   TonyLawrence

Hard for me to think that it could be worse than what I've had with Verizon DNs :-)

Thu May 14 13:08:45 2009: 6365   kucherjose

I use openDns for a couple of years, the interface is simple and his servers are always up.

in the most cases i use to filter domains, works fine..

the problem was when the internet has dynamic ip.. the provided updater soft lack to renew the changed ip and the system become unfiltered...

in several minutes the ip is updated and the filter goes on

salutes anthony

Tue May 26 17:43:09 2009: 6409   TonyLawrence

Now here's something weird:

I set this up at a customer and the Winterm thin clients stopped working. Windows RDP continued to work. No idea yet why.. the Terminal Servers don't use OpenDNS themselves and can resolve the ip's/names of the Winterms.

Fri Jun 5 10:40:09 2009: 6446   SteveWildow

I almost always use OpenDNS for clients unless they object. Most of the time they have an internal DNS server. I set this server up to forward requests to OpenDNS servers. Then I point all internal machines to use the internal DNS server. Either changing the DHCP default settings on the DHCP server or manually typing it in on the client.


Fri Jun 5 10:46:42 2009: 6447   TonyLawrence

I still don't understand the problem I have with Winterms and OpenDNS.

Here's the situation: Two Terminal servers, both with static internal IP's. One has DNS from the local router, one goes directly to the ISP's DNS servers.

Put OpenDNS on the local router and the Winterms cannot connect to either Terminal Server. They connect by IP, not by name, by the way. Put the ISP's DNS back and the Winterms work.

Makes no sense, but there it is.


Printer Friendly Version

Have you tried Searching this site?

This is a Unix/Linux resource website. It contains technical articles about Unix, Linux and general computing related subjects, opinion, news, help files, how-to's, tutorials and more.

Contact us

Printer Friendly Version

If you think your users are idiots, only idiots will use it. (Linus Torvalds)

Linux posts

Troubleshooting posts

This post tagged:



Unix/Linux Consultants

Skills Tests

Unix/Linux Book Reviews

My Unix/Linux Troubleshooting Book

This site runs on Linode