4

I've a problem filtering web searches on Google domains.

Currently I've a linux openVPN Server running with openDNS "family block".

I can block a lot of websites with dangerous content and it's ok.

The problem is: How do you filter Google Search now that they enabled HTTPS everywhere?

I'm reading a lot of old documentation talking about: forcesafesearch.google.com / nosslsearch.google.com

I can't understand how to solve this situation. I've read about Squid+DansGuardian, but I don't know if it's possible to use it with openDNS.

Maybe iptables could help me?

Improve this question
3
  • The easiest way is to run DNS internally, and make sure all requests to google.com go to safesearch. Are you running dns internally? You can install your own DNS server and have it forward requests to opendns that you don't manipulate
    – Paul
    Commented Oct 15, 2014 at 13:14
  • Privoxy or Squid with dnsmasq is ok? How do You forward non-google requests to opendns server?
    – Gianluca Mazza
    Commented Oct 15, 2014 at 13:35
  • 1
    @GianlucaMazza - Simple. You configure the network to use it. You can force it through the os or the networking equipment itself.
    – Ramhound
    Commented Oct 15, 2014 at 13:46

3 Answers 3

Reset to default
0

For those routers that support DDWRT, you can do this on DDWRT firmware by either rewriting the hosts file on the router or by using DNSMasq. There are advantages and disadvantages using both methods. See https://geekvisit.com/enforcing-google-safe-search-dd-wrt/ (a blog to which I contribute) for an explanation and screenshots.

Here's a brief summary:

Method 1 - Automatically Rewrite Router's Host File

  1. Go to Administration->Commands
  2. Click "Edit" and add the following script: echo '216.239.38.120 www.google.com 216.239.38.120 encrypted.google.com 216.239.38.120 google.com' >> /etc/hosts restart_dns
  3. Click "Run Commands"
  4. Click "Save Startup"

Method 2 - Use DNSMasq:

  1. Enable DNSMasq.
  2. Go to Services tab. Find the "Additional DNSMasq Options" text box
  3. Insert the following in the Additional DNSMasq Options (Note the DOT before google.com, the dot acts as a wild card to pickup any subdomains): 
    4. 
local=/local/
expand-hosts
address=/.google.com/216.239.38.120
    That's it. Save and apply the settings.
Improve this answer
0

This is a nice, simple hardware solution to consider: https://www.pcwrt.com/ you can enforce safe search across other search engines, not just google. great controls w/o the expensive option of buying a firewall for home network.

here's a free software option that takes more work to configure if you're inclined to spend time doing so: https://www.sophos.com/en-us/products/free-tools/sophos-utm-home-edition.aspx

Improve this answer
0

OpenDNS needs a better option for forcing safe search in Google and Bing and strict mode for YouTube. Their proposed solution with CNAME entries is not workable for most home users as the vast majority of home routers do not support this and most users do not have the technical knowledge for this anyway. Without an easy, workable safe search option their service should not be offered as a "Family Shield" because it just gives parents a false sense of security.

Set up OpenDNS to block porn and then do a regular Google search for 'tits' or 'sex gif' if you need proof of this.

I switched to SafeDNS where there are simple checkboxes for the safe search/strict features and it works great.

Then I just blocked the search engine category (along with a bunch of other categories) and specifically whitelisted Google and Bing.

I realize this is still not a bulletproof solution, but it is much better than I was able to get with OpenDNS.

Improve this answer

You must log in to answer this question.

Not the answer you're looking for? Browse other questions tagged .