Introducing List-Based Web Blocking


#1

As for Firmware 6.3, Peplink devices can block specific site categories as defined by publicly available blocking lists in addition to blocking specific web domains.

Supported Devices

Two versions are available: lite and full. The full version supports a larger blacklist with more specific categories. Lite: Balance: One, 210, 310 MAX: BR1*, BR1 Mini, BR1 Slim, BR1 Pro*,BR1 ENT, Hotspot, BR1/2 IP55*, BR2*, Transit, OTG* (HW2 or above), 700 HD2, HD2 Mini, HD2 IP67, HD4 MediaFast: 200, HD2, HD4 Surf: SOHO*, SOHO MK3 * HW2 or above

Full:
Balance: 305, 380, 580, 710, 1350, 2500
MediaFast: 500, 750

Setting Categories

To begin, navigate to Network > Firewall > Content Blocking (For MAX Devices: Advanced > Content Blocking). lite Version Full Version For either version, select the categories you wish to block by ticking the checkmarks. Alternately, you can also use our presets by clicking the High, Moderate, and Low radio buttons. Once the presets are selected, you will be able to add or remove categories as needed. Please note that the presets may change when the Firmware upgrades, potentially changing your category selection.

Setting Customized Domains

In addition to categories, you can also define define specify domains to block or allow.
If “foobar.com” is entered, any web site with a host name ending in foobar.com will be blocked, e.g. www.foobar.com, foobar.com, etc. However, “myfoobar.com” will not be blocked. You may enter the wild card “.*” at the end of a domain name to block any web site with a host name having the domain name in the middle. If you enter “foobar.*”, then “www.foobar.com”, “www.foobar.co.jp”, or “foobar.co.uk” will be blocked. Placing the wild card in any other position is not supported. The device will inspect and look for blocked domain names on all HTTP traffic. Secure web (HTTPS) traffic is not supported.

Setting Exempted User Groups and Subnets

You can also set up specific user groups or subnets to exempt from web blocking and application blocking. Simply click the checkbox for the groups you wish to exempt, and add your network and subnet masks. Please note that these exemptions affect both web and application blocking.

Frequently Asked Questions

How does the Web Blocking list work? Your router has an integrated list of website categories (e.g. adverts, file sharing). When the router detects traffic from a source URL that matches the website list, that traffic can then be blocked if needed.

Will the Web Blocking list work without an IC2 subscription?
Yes, the Web Blocking list will continue to function without an IC2 subscription. However, the list will not be updated.

Will the Web Blocking list work for out-of-warranty devices?
Yes, the Web Blocking list will continue to function for out-of-warranty devices. However, the list will not be updated.


Web Content Blocking - peplink 20
List-Based Web Blocking - Light and Full
How to Block Windows Updates in low bandwidth situation through routers?
Block websites from only a subset of LAN computers?
BR-1 bandwidth thottle, using too much data
Balance 30 LTEA - Content Filtering - Lite Version Categories
Balance UI Deep Dive - Network Tab
CIPA Content Filtering for schools
Add category based content filtering to other devices in the range
M2M recomended users
#2

Hi Peplink team

my name is Victor, what is the option for add to my balance 310 the section web blocking?

the last time i can did it but now this option is not avalible in my balance menu.


#3

I have a Surf SoHo and just updated my firmware to 6.3.3. I do not see the web blocking preset categories. Can you please advise me regarding why?

Thanks


#4

Please confirm your Surf SOHO’s Hardware Revision number.

This feature is supported on Surf SOHO Hardware Revision 2 and SOHO MK3. You may find the info in the release note below.


#5

Thanks. I didn’t see that originally. I guess I don’t have it on mine. It’s Hardware Revision 1. Although I’d like to have that option, I’m not going to purchase another unit just for that.

Thanks for pointing it out.


#6

Got burned today, (r20170307) with only Adware selected blocks Gotomeeting.


#7

@Todd_Troutman

Do you have the details URLs for gomeeting that had been blocked ? We can actually recheck the URLs list.


#8

Unfortunately no, the users are remote from me and were down to the wire to start a webinar so I had to just disable.


#9

If this is the case, I would suggest exempting the User Groups or Subnets instead of disable the Content Blocking.

Hope this help.


#10

Thank you TK that does help. One other question, does URL logging mark Content Blocked URL’s so that I can observe incidents of attempted access to Blocked URL’s?


#11

Yes. You will see something like Domain <www.abc.com> has been blocked by content filtering category .


Suf Soho Web Based Blocking Zinio Reader iOS iPad Blocked
#12

Updating the Content Filtering Database Blacklist?
The Status tab of my Surf Soho MK3 (7.0.2) shows a Content Filtering Database of (r20170307). Is the latest database 3 March 2017?
(I clicked on the Download (r20170307) hyperlink and the file blk_list_ssohomk3_2933D71744EC was downloaded to my computer, so there doesn’t appear to be a method for manual update.)


#13

Hello. There are several sites blocked in the Lite version that make no sense at all being blocked. For example, youtube_com and netflix_com under “audio-video”, and hulu_com under webtv. That is enough to need to disable both categories for a home setting because I need access to them! (Manually adding each doesn’t work because they also use other sub-domains which are also blocked, so the videos still don’t play. For example, images_netflix_com is blocked under “ads”).

Other benign sites are rendered useless with certificate errors if any content blocking category is enabled at all, suck as lifehacker_com and people_com. Only disabling all categories allows them to work.

I think Content Blocking is going in the right direction, but the lack of granularity in the “lite” version and lack of more frequent database updates make this feature extremely limiting at the moment… at least for home-office users like myself.

Gabriel Mongefranco
https://gabriel.mongefranco.com


#14

I am using balance 310 and I need to block proxy/anonymizer sites and since it is using lite version, the proxy/anonymizer is not included on the options. Proxy sites are too many to add manually. Is there any other way to address this?