Ask Leo! by Leo A. Notenboom

How do I block porn?

Helping people with computers... one answer at a time.

Ask Leo! » Internet

Blocking pornography isn't always as simple as we'd like. However OpenDNS provides one of the easier solutions, particularly for an entire network.

by Leo A. Notenboom, © 2009

I would like to block porn from coming into my house. I am sure many people feel the same way because they have children but my reason for wanting to block it is my idiot son-in-law.

My daughter, grandchild, and idiot son-in-law live in an apartment in our basement because he cannot support his family. They were using a dialup modem but I got tired of them tying up the phone so I agreed for them to connect wirelessly to my router.

Since then, and before I suspect, my son-in-law has been viewing porn and I really do not want it in my house but I do not want to start a fight with my daughter by taking away the DSL. Especially since he says he needs it to look for a job.

I tried installing OpenDNS and configuring the router to use it but it did not work. I posted to their forum and was told that each computer had to be manually reconfigured to use OpenDNS for it to actually block certain websites. Since I do not have the password to their computer and do not want to snoop on their machine, that option was out.

I have been reading your blog for years now and you are always telling people that your ISP can see anything and do anything. Well, I am my SIL's ISP so how do I use the router to block porn without having to access their machine?

•

Well, I believe you were on the right track with OpenDNS, but I suspect that the advice you got was a little off the mark.

That being said, I also have to throw out a big fat caveat as well, that you probably won't like.

•

The honest bottom line is that there's no way to absolutely, positively block porn, or anything else for that matter. You can make it more difficult, and maybe that's enough, but for every approach we might consider taking there will be ways to circumvent it.

So with that out of the way, let's block some porn...

You Are The ISP

The observation that you are your son-in-law's ISP is a very good one. The very definition of the acronym is pretty clear: Internet Service Provider, and you are providing internet service.

"You can make it more difficult, and maybe that's enough ..."

However:

Your ISP has something you don't: equipment, and lots of it. If you were to look at what your ISP actually has in their data center, you'd be amazed at what it takes to get those digital bits to and from your computer. A high end router, for example, could easily block access to various sites. Your ISP probably has several such routers, but is it worth $10,000 or more to you to get one for yourself? Probably not.

The more traditional approach is to install parental control software on each machine that might be accessed by people you feel are untrustworthy ("idiot" or not Smile ).

As you've indicated, even modifying the configuration for OpenDNS on each machine is not an option, so I'm certain that installing anything is even a less of an option.

So we'll head back to where the ISPs do: your router.

The approach is actually quite simple: when a computer connects to your network at boot time, it asks your router for an IP address. Along with that IP address the router also provides the IP addresses that should be used for DNS lookups (the lookups that translate human readable "ask-leo.com" into what your computer really uses to connect: 72.3.133.152).

OpenDNS

So, we configure your router to provide OpenDNS's DNS servers to any computer that connects to your local network, including that of your ~~idiot~~ son-in-law.

Now, unfortunately exactly how you do this will depend on your specific brand of router. For example, in the Linksys router I happen to use, it's configured in the DHCP settings:

DHCP and DNS in a LinkSys router

With these settings any computer that connects to the internet through this router would use OpenDNS's service.

You'll need to make the equivalent settings for your own router, but fortunately OpenDNS's web site includes instructions for most common routers.

To enable content filtering, you'll need to set up an account with OpenDNS, and configure the types of filtering you want.

Now, there is one gotcha that I suspect is what the initial advice you received was about.

OpenDNS applies those filtering settings based on your internet IP address. In fact, it's part of what you set up when you create an account and add a "network" to the account. All the requests that OpenDNS sees coming from your network IP address are then filtered according to the rules you've configured for your account.

So what happens if your IP address changes?

This is a very common scenario for consumer internet connections, and is called "dynamic IP addressing". One day your internet connection might be on one IP address, and another day it might change. This is totally normal, and is controlled by your ISP.

You can update your IP address with OpenDNS manually, of course. However, OpenDNS does make available a small program which will automatically update OpenDNS's record of your IP address when it changes.

I'm thinking that this might be what they referred to as what you needed to install.

The missing piece is that you only need to install it on one machine - yours. Once OpenDNS understands that the internet IP address has changed for your account, its features are applied to all computers accessing sites through that connection.

So, in your situation, I do believe that OpenDNS remains the best solution - I just enabled it here on my home network's router, and all my machines are now protected.

But please, don't think of it as absolute protection. To the dedicated, there are likely ways around it.

One final caveat: what we've been talking about is web access. OpenDNS doesn't filter incoming email, so any porn spam you might be getting will continue. You'll need to investigate spam filtering solutions for that, and those are likely not things you'll be able to implement without impacting the computers involved.

Article C3667 - March 6, 2009 « »

Share this article with your friends:

Share this article on Facebook

Tweet this article

Email a link to this article

Leo

Leo A. Notenboom has been playing with computers since he was required to take a programming class in 1976. An 18 year career as a programmer at Microsoft soon followed. After "retiring" in 2001, Leo started Ask Leo! in 2003 as a place for answers to common computer and technical questions. More about Leo.

Not what you needed?

You may also be interested in:

On Kids, Parents and the Internet An old problem finds a home on new technology: cyber bullying and other internet related harassment seems to be on the rise. What's a parent to do?
How do I translate a URL to an IP address? Mapping a domain to an IP address is very easy with several tools, both on your machine and on the internet. I'll look at the two I use.
How can I keep my kids safe from internet garbage? There's a lot of garbage on the internet and it's difficult to prevent your children from seeing it. There are tools to help and steps to take.

Recent Comments

22 Comments

John Colby
December 22, 2009 12:52 PM

I've tried a lot of internet filters, the best porn blocker I could find was IM Lock.

It's easy to configure, and it's very difficult to bypass. You might give this product a try.

Timmy F
September 4, 2010 4:31 AM

The best Porn Blocker is here. Click on the link or copy paste it on your browser and protect yourself and your family http://b8aa2mguimimyqfgu5yai5nofs.hop.clickbank.net/

Ronald
June 19, 2011 6:22 AM

Sorry for putting it in Dutch. Google had translated this webpage to Dutch, so here my addition in English

An good option is K9 aswell. It is an endpoint solution though, but give a very good blocking possibility. Even VM's on top of an os with K9 will not be able to bypass this blocker. It is owned by Bluecoat, who is providing contentfilters for Global 500 companies.
It is free, but they make use of the community by getting the list of all sites through K9. You can set to block all sites, that aren't tagged already. In my home network I use both K9 and OpenDNS. This is for all users that are bringing their laptop/smartphone to my home and make use of my internet. Further more, not every machine K9 can be installed on, per example laptops from your work.

For my self I am still looking for a router that has the ability to block IP-addresses. Some people are sharing porno just from an IP address. This will bypass DNS, because it can set up a streight connection. (OpenDNS is not able to block these addresses, K9 is able to block them)

John
September 4, 2011 2:16 PM

Another alternative is: http://www.dnsredirector.com if you don't like how OpenDNS redirects non-existant (misspelled) sites to a "guide" page with advertisements.

Lauren Combs
March 21, 2013 9:03 AM

Porn had almost ruined my relationship with my husband. He now goes to Sex Anonymous meetings. I downloaded a porn blocker {URL removed} and I also installed it on his work computer. There is no way he can view it now unless he goes to the public library or has a computer I don't know about. My advice is not to give up on a relationship because of this. There are a ton of men who struggle with this but I finally decided to draw the line. If he messes up again he will be moving out! Tough love.. There is no exception.

See all 22 comments...

Question? Ask Leo!
The Tip Jar: Buy Leo a Latte!

Categories | Full Archive
By Date | Business Card | About

Advertisements do not imply my endorsement of any product or service.

Copyright © 2003-2013 Puget Sound Software, LLC and Leo A. Notenboom
Ask Leo! is a registered trademark ® of Puget Sound Software, LLC
Terms, Conditions & Privacy
Product Reviews, Recommendations and Affiliate Links Disclosure

http://ask-leo.com/how_do_i_block_porn.html