What's new

Porn filtering and accountability

RMerlin

Asuswrt-Merlin dev
It's gonna be everywhere. Chrome is rolling it out too.
Chrome is only enabling it as an upgrade, not as a replacement. I.e. if the DNS server you use supports DoH, then it will upgrade to DoH. But if you use OpenDNS (which does not support DoH) for blocking, then it won't touch your settings, and will stick with it.

This is why Firefox's implement is so retarded, compared to everyone else, as they will blindly override any filtering DNS server you might have implemented on your network. It's screwing up with network management, by blindly overriding it, unless your DNS provider happens to support their canary system.
 

shabbs

Occasional Visitor
This is why Firefox's implement is so retarded, compared to everyone else, as they will blindly override any filtering DNS server you might have implemented on your network. It's screwing up with network management, by blindly overriding it, unless your DNS provider happens to support their canary system.
It's insane. I noticed it the other day as a pop-up when I fired up my Firefox. It said it had enabled it by default. My guess is most people will just slam OK and move and not even know what happened. Not a fan of their approach here.
 

buggs1a

Occasional Visitor
I’m a Christian and this is for me. I live alone and will have a Christian friend help me with the management and accountability. I would get a router and set it up with porn blocking and hopefully it’d log sites you go to for accountability. He would have remote access so he would have the admin log in and I won’t.

I know Asus tracks the sites. I used to have their AX11000 and it was great. But the filter didn’t block porn on android. Every other feature worked well. Except I don’t know about the remote management. I didn’t try. The TP-Link AX6000 was great. It’s filter blocked porn on everything. But I don’t think you could check sites you go to like on the Asus. And it is a basic featured router unlike the Asus having better and more features. It has remote management like I think is great. You log in to the TP LINK management url not the router itself. I never could get this to work. TP LINK support was emailing me about getting it to work but I returned it.

Both those routers were my favorites. Except one has good working filter but no log of sites visited I think. And basic features. The other didn’t have a working filter. But does have the log and time restrictions like offline network for bedtime etc. And much better features.

Those two routers are my current favorites but I don’t know what to do.

I put the porn filtered Open DNS IPs in my iPhone WiFi and it works. I haven’t put it in my Note 10 + yet. I will test that today and report back. I put these IPs in the Asus router when I had it and filter did not work on my Androids back then. Don’t remember about iPhone.

So if the Open DNS filtered IPs work on the mobile device but does not work if on the router then that says to me something the router does is messing it up.

I just wanted to be open with you all about what’s going on here. So I shared myself with everyone.
 

XIII

Very Senior Member
Maybe NextDNS could be of interest to you?
  • “Block websites containing porn, violence, profanity and more.”
  • “See what's happening on your devices with in-depth Analytics and real-time Logs.”
 

buggs1a

Occasional Visitor
Thanks but I still need a router. But I guess if open dns or whatever can work in a router if the routers own filter don’t then I can try. But I am not going to install any software.
 

JemTheWire

Senior Member
Sorry hijack, but if DoH will ultimately render DNS adblocking useless, where does that leave Diversion? I guess that will be 'redundant'.
 

dave14305

Part of the Furniture
Sorry hijack, but if DoH will ultimately render DNS adblocking useless, where does that leave Diversion? I guess that will be 'redundant'.
It will still be relevant, but anyone on your network that wants to bypass it using DoH in a browser will be able to.
 

XIII

Very Senior Member
Thanks but I still need a router. But I guess if open dns or whatever can work in a router if the routers own filter don’t then I can try. But I am not going to install any software.
NextDNS can run on routers, but you will have to install software (on the router):

 

shabbs

Occasional Visitor
Thanks but I still need a router. But I guess if open dns or whatever can work in a router if the routers own filter don’t then I can try. But I am not going to install any software.
Yeah, you could create an OpenDNS Account (free) for the Family filtering and then point your new Router's DNS to the OpenDNS services. The OpenDNS dashboard will let you filter out the content you need. No software required on the router.
 

RMerlin

Asuswrt-Merlin dev
I use Cleanbrowsing DNS servers or a customer who needs to block adult content on a PC that is shared by multiple children. That can be an inteteresting alternative to OpenDNS.

In this specific case I only needed to protect one single PC out of the 8-10 PCs they have within their office, so I set it directly on the computer itself. If you want to protect everyone, then check your router's WAN configuration. Tell it NOT to use the DNS provided by your ISP, and manually enter the DNS from the blocking service you wish to use.

And make sure any Firefox install does not have DoH enabled. Same with recent Android devices, they have a "Private DNS" setting that should be disabled.
 

RMerlin

Asuswrt-Merlin dev
Sorry hijack, but if DoH will ultimately render DNS adblocking useless, where does that leave Diversion? I guess that will be 'redundant'.
Simply don't use DoH. If you have an Asus router running my firmware, you can use the option that disables automatic DoH switching for Firefox (it introduces the canary DNS entry in your router, which tells Firefox not to automatically enable DoH).
 

shabbs

Occasional Visitor
Simply don't use DoH. If you have an Asus router running my firmware, you can use the option that disables automatic DoH switching for Firefox (it introduces the canary DNS entry in your router, which tells Firefox not to automatically enable DoH).
The Pi-hole team has built this into their DNS service as well: https://github.com/pi-hole/pi-hole/pull/2915
 

AndreiV

Very Senior Member

shabbs

Occasional Visitor
Nice to see the DNS providers coming up with options.

The CloudFare for Families does not have any configuration at this time but it looks like it's coming. Most likely will look like the OpenDNS one.
 

buggs1a

Occasional Visitor
So what if a router uses opendns family and android or anything can still access porn? Does that mean something the router is doing is interfering?

Why did the TP-Link ax6000 filtering work when not one other of 12 devices I tried did?
 

RMerlin

Asuswrt-Merlin dev
So what if a router uses opendns family and android or anything can still access porn?
It means your client devices are not using the same DNS as your router. Could be through VPN, could be through Private DNS being enabled, could be through hardcoded DNS servers, could be through misconfigured router.
 

buggs1a

Occasional Visitor
Well I had the Asus ax11000 and used opendns and I think android was still able to access porn. Not using cell.
I have to put opendns on my note 10 plus and see what happens.

it really bites Comcast forces you to use their own dns in the x1 gateway. That gateway sucks in my opinion.
 

shabbs

Occasional Visitor
There will always be ways around this type of blocking. If their phone is using a different DNS setting, then they will bypass the OpenDNS blocking.

I block that ability using @RMerlin's firmware on my Asus router that can prevent anyone from using a different DNS with his DNSFilter feature.

But that won't stop someone using a VPN or DoH when browsing on my network. Thankfully my daughter is not at that level yet so it's not a concern I have at this time... yet...
 

shabbs

Occasional Visitor
Are your devices getting DHCP info from your router then? It may be they have hard coded DNS entries then. If your router is giving out the OpenDNS entries as part of the DHCP info, they should get the same restriction. But as mentioned in the thread, some Android devices may invoke a Private DNS setting which would bypass the DHCP DNS.
 

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top