From UntangleWiki

Untangle Server User's Guide

Web Filter Lite

Other Links: Web Filter Lite Description Page Web Filter Lite Screenshots Web Filter Lite Forums Web Filter Lite FAQs

---

Contents 1 About Web Filter Lite 2 Settings 2.1 Block Lists 2.1.1 Categories 2.1.2 Blocked Sites 2.1.3 Blocking File Types 2.1.4 Blocking MIME Types 2.1.5 Block pages from IP only hosts 2.1.6 User Bypass 2.2 Pass Lists 2.2.1 Passed Sites 2.2.2 Passed Clients 3 Event Log 4 Related Topics 5 Web Filter Lite FAQs 5.1 How does Web Filter Lite work? 5.2 Can I install Web Filter lite on a single computer to use as Parental Control software? 5.3 My settings don't seem to be taking effect. Why? 5.4 Can I unblock websites that are appropriate for my business but are listed in inappropriate content categories? 5.5 Why am I not getting all of the content for a web site on my Pass List? 5.6 Can I grant privileged access to some users while still blocking sites for everyone else? 5.7 We run a hotel, where employees are not permitted to browse to inappropriate content yet guests using a public Internet terminal are not restricted. How can we handle this situation? 5.8 Can I create time based policies to let user access personal sites during lunch? 5.9 Can Web Filter Lite help me block video and music file formats? 5.10 Can Web Filter Lite help me protect my network from potentially malicious file types like executables? 5.11 Why block both MIME Type and File Types? 5.12 What Kind of Reporting Does Web Filter Lite Offer? 5.13 What categorization database does Web Filter Lite use? 5.14 Can I block all web sites except certain ones?

About Web Filter Lite

Web Filter Lite filters web traffic to your network and can block inappropriate content and monitor user behavior. Web Filter Lite uses a variety of techniques to determine what is inappropriate such as:

• Category Database
• Specifically Blocked Sites
• MIME Types
• File Types
• Specifically Passed Sites
• Specifically Passed Users

Web Filter Lite reports illustrate the kind of web activity on the network, from a global view all the way down to a specific host or user.

Settings

This section reviews the different settings and configuration options available for Web Filter Lite.

Block Lists

This tab controls the different mechanisms to classify and block or flag content.

Categories

Category blocking is driven by the community-maintained database that is part of the Untangle system.

If block is checked any sites and URLs in that category will be blocked and flagged as a violation. If only flag is checked (but not block) the visit will be flagged as a violation but still allowed to pass. Flagging a visit as a violation has no visible effect to the user but makes finding and tracking undesired behavior in the reports easier.

Note: If you want to improve the overall product by contributing domain names or URLs that you feel should be blocked by categorization, check out the Web Filter Lite Submission Tool.

Blocked Sites

1. From Web Filter Lite, click the Block Lists tab and the Edit Sites button.
   1. In the table, click the add (+) button to the left of the table.
   2. In the new entry, add the URL that you want to block.
   3. Click Done
2. Click the Save button to save the newly added entries or the Apply button to save and continue adding new entries.
3. Click the OK button

Tip: If you want to temporarily unblock this website later, deselect the block check box.

Blocking File Types

1. From Web Filter Lite, click the Block Lists tab and the Edit File Types button.
2. In the table, do one of the following:
• If the file type that you want to block already appears in the table, select the block or log check box or both.
• If you want to block a file type that isn't in the list, click the add (+) button to the left of the table, then specify the file type that you want to block.
3. Click the Save button, then OK.

Blocking MIME Types

1. From Web Filter Lite, click the Block Lists tab and the Edit MIME Types button.
2. In the table, do one of the following:
• If the MIME type that you want to block appears in the table, select the block check box for that MIME type.
• If you need to add a new MIME type, click the add (+) button to the left of the table, and in the new entry, add the MIME type that you want to block.
3. Click the Save button, then OK.

Block pages from IP only hosts

When this option is enabled, users entering the IP address rather than domain name will see a block page.

User Bypass

Some organizations may wish to allow certain users to bypass the Web Filter Lite. This option is available under "User Bypass."

If User Bypass is set to None no users will be allowed to bypass the block page. If User Bypass is set to Temporary users will be allowed to bypass the block page for one hour from the time it is bypassed. If User Bypass is set to Permanent and Global then users will be allowed to bypass the block page and bypassed sites will be added to the permanent global pass list.

User Bypass is best when combined with Policy Manager so that only certain users are allowed to bypass.

1. From Web Filter Lite, click the Block Lists tab.
2. Under User Bypass choose None, Temporary, or Permanent and Global.
3. Click the Save button.

Pass Lists

Pass Lists are used to pass content that would have otherwise been blocked. This can be useful for "unblocking" sites that you don't want blocked or allowing certain users special privileges.

Passed Sites

If your organization deems a specific website to be useful and that site or URL should not be blocked regardless of its categorization, it can be added to the Passed Sites list.

1. From Web Filter Lite, click the Pass Lists tab and the Edit Passed Sites button.
2. In the table, do one of the following:
• If the URL that you want to pass appears in the table, select the pass check box for that URL.
• If you need to add a new URL, click the add (+) button to the left of the table, and in the new entry, add the URL that you want to pass.
3. Click the Save button, then OK.

1. From Web Filter Lite, click the Block Lists tab and the Edit Passed Sites button.
2. In the table, locate an existing URL that you want to pass, and clear the block check box, or simply delete the row.
3. Click the Save button, then OK.

Passed Clients

If you only have a few users that need to completely bypass Web Filter Lite controls, consider using pass lists. If these users simply need a different Web Filter Lite policy you should set up a separate rack using Policy Manager.

Before You Begin: It may be useful to assign the user a static IP address. If the Untangle Server is your router, go to Assigning Network Computers Static IP Addresses.

1. From Web Filter Lite, click the Pass Lists tab and the Edit Passed Client IPs button.
2. In the table, select the add (+) button. A new row appears.
3. In the IP address/range text box, specify the computer IP address and subnet mask of user that you want to be exempt from the web filter.
4. Click the Update button, then Save.

Event Log

Use the following terms and definitions to understand the Web Filter Lite Event Log:

timestamp	The time the event took place.
action	The action which the Untangle Server took on the web request.
client	IP address of the client who made the request.
request	A description of the request made (e.g. http://someurl/somepath.html).
reason for action	The reason the action was taken.
server	The server IP Address. The server is the computer that receives the request.

Related Topics

• Web Filter

Web Filter Lite FAQs

How does Web Filter Lite work?

Untangle Web Filter Lite transparently scans HTTP traffic in order to block or log specific activity. Websites can be blocked or logged based on content category (porn, gambling, social networking, etc.), specific url (MySpace, YouTube, ESPN, etc.), MIME Type or File Types (.exe, .mp3, .avi, etc..)

Can I install Web Filter lite on a single computer to use as Parental Control software?

No. You cannot install Untangle on a single computer to use as Parental Control software. Installing Untangle will wipe out your existing operating system and all files on your hard drive. It can only be used as a Gateway to implement Parental Control or Web Filtering on connected client computer(s).

For a single PC, other Internet filter/Parental Control software can be used.

My settings don't seem to be taking effect. Why?

When a specific URL is added or removed from either the Block List or Pass List or categories, there may appear to be delays in changes taking effect. New Settings only take effect for new sessions, but many modern browsers have many layers of caching and keep connections open in the background. If settings appear to not be taking effect try flushing the cache and closing and reopening all browsers.

Can I unblock websites that are appropriate for my business but are listed in inappropriate content categories?

Yes, any website can be placed on a “Pass List” by URL to override blocklisting when it is also in a content category “Block List.” This is particularly useful in industries like healthcare where legitimate medical or drug-related research could require access to sites that have been miscategorized in category block lists (usually pornography or drug content).

==My users complained that they cannot connect to somesite.com, and it keeps showing up in my Event Log as blocked. How can I stop somesite.com from being blocked?==

You can add a rule to the Pass List for somesite.com, as described in Passed Sites.

Why am I not getting all of the content for a web site on my Pass List?

It's common for a web site to display links, banners and content from other web sites as part of their web pages. There are two easy methods to re-integrate the content while maintaining your access controls.

METHOD #1 (preferred)

1. Access the Web Content Control Event Log, and either Refresh the list or set it to Auto-Refresh.
2. In your browser, access the web site that has missing content -or- the page on that web site that is missing content.
3. Check the Web Content Control Event Log again, and refresh if necessary. Web sites whose content is missing will be shown at the top of the list.
4. Access the Web Content Control Pass List, and add the URL(s) that appeared in the event log. Remember to click Save.
5. Access the web site (or the specific page) again. The content should now be present.

METHOD #2

1. In your browser, access the web site that has missing content -or- the page on that web site that is missing content.
2. Right-click in your browser and select View Source in Internet Explorer or View Page Source in Firefox. PLEASE NOTE that the source of the web page may be very lengthy and/or difficult to read. ALSO, embedded Java, Flash, Shockwave may pull content from elsewhere and those sites will not be available to be listed as part of the page source.
3. Access the Web Content Control Pass List, and add URL(s) that appeared in page source. Remember to click Save.
4. Access the web site (or the specific page) again. The content will hopefully be present.

Can I grant privileged access to some users while still blocking sites for everyone else?

Yes, Policy Manager can be used to create individual policies for adminstrators, executives or any other user that requires unique Internet access to complete their job.

We run a hotel, where employees are not permitted to browse to inappropriate content yet guests using a public Internet terminal are not restricted. How can we handle this situation?

Configure the web filter policies as you would for employees. Then, create a pass list to exempt guests. For more information, go to Passed Clients. Alternatively, completely seperate policies can be created for each group using Policy Manager.

Can I create time based policies to let user access personal sites during lunch?

Yes, policies can be created to allow access to blocked sites such as webmail or social networking during break or off-peak network usage hours using Policy Manager.

Can Web Filter Lite help me block video and music file formats?

Yes, Web Filter Lite can block numerous types of file format including audio and video files such as mp3, wmf, wav, avi, mpg and mov. Note: This does not include streaming audio and video done within web pages.

Can Web Filter Lite help me protect my network from potentially malicious file types like executables?

Yes, Web Filter Lite can block numerous file types including executables such as exe, ocx, bin, dll, cab, bin, and com.

Why block both MIME Type and File Types?

In an ideal world, both pieces of information would always be present for every web request. However, some sites use incorrect content types or extensions. Also, the behavior of operating systems (Windows vs. Mac) is different when given only file extension or content type. To be safe, both lists should be used.

What Kind of Reporting Does Web Filter Lite Offer?

Web Filter Lite provides network and user based reporting. The reports show high level trends like peak network usage hours and also drill-down into user level incidents for activity monitoring.

What categorization database does Web Filter Lite use?

The Web Filter Lite database is community maintained. To submit new URLs or request the removal or recategorization of existing URLs goto forums.untangle.com and login and click the "Submit URL" link in the top menu or click here.

Can I block all web sites except certain ones?

Yes, simply block all categories (including "Uncategorized"). Then add whatever sites you'd like to pass to the pass list. Beware that the complex nature of the web and the fact that many applications communicate over http can make this approach difficult.