Posted by antdude 640 days ago
Category: Content filtering | Tags: allow block filter bad server site web
I would like to see an option to let user go the bad site that OpenDNS blocked anyways. Basically, OpenDNS just gives a warning Web page but the user still has the option (a link?) to visit the site (at his/her own risk). Basically, only a warning page. That's all.
comments 28 Comments  

Comments

written by masa 639 days ago Rating: 2 | Rate Comment: + -

Doesn't that completely void the concept?

written by apathyonline 638 days ago Rating: 6 | Rate Comment: + -

No... not really, but he could possibly use something else for this.

written by Mark 633 days ago Rating: 3 | Rate Comment: + -

This could be useful in certain industries. Example: Financial Analyst researching stocks in the Weapon industry. If the Category Blocking for Weapon category is on, the Analyst would get blocked when trying to access a Weapon related page. If the Analyst feels the site is safe to continue on to, then they click the "Bypass" button.

written by jamie198402 632 days ago Rating: 2 | Rate Comment: + -

one way how this might work is to possibly log into opendns details to accept the bypass

written by leebaldwin 343 days ago Rating: 2 | Rate Comment: + -

That is an option I would love to see put in place. If a site gets blocked and I have a admin password, then I could still continue on after putting in the password.

written by ptmm.net 629 days ago Rating: 16 | Rate Comment: + -

Like all other parental control systems, a simple password to allow temporary access to blocked pages. A setting for "Blocked" categories and another setting for "Allow Bypass: [password|link]" categories could allow users to set which categories are blocked for good, and which would allow either a password bypass, or a simple "if you understand the risks and want to access this page anyway _click_here_" style warning.

I'm not sure this would be a simple thing to implement. What would probably be easier is a password that temporarily disables the filter alltogether, by means of a password probably. This would just ignore any filter settings on the DNS and use the defaults for x number of minutes (configureable in the account settings I would hope).

As a network administrator, there are times I may want to quickly shoot past the filters to investigate something (like a phishing email to find the hosting address and report it).

I guess in all one could just set their DNS servers locally on the machine to the ISP defaults for the time being and then set them back, but a password would be a nice feature.

written by shblackhawk 628 days ago Rating: 8 | Rate Comment: + -

If continuing is password protected and a report is made for the end user to see where they went.

Depending on how this would be set up, if the password disable all blocks I would need a report telling me what was visited when the block was disabled.

written by tomdlgns 628 days ago Rating: 1 | Rate Comment: + -

i would not like this idea at all. i have openDNS enabled for my younger cousins and having a bypass button would allow them to navigate to the filtered content pages.

however, adding a master password for the bypass button, i could go for that. but the bypass button would NEED to have a password option, this way kids/teens cant just bypass the block.

i also have this implemented in a few small businesses and a bypass button w/o a password option would not be a good block, employees would get right around that.

written by claydonfamily 547 days ago Rating: 0 | Rate Comment: + -

You could just disable the feature if it is added.

written by swhitlow 627 days ago - show/hide this comment Rating: -1 | Rate Comment: + -

written by sparko 585 days ago Rating: 2 | Rate Comment: + -

"I'm not sure this would be a simple thing to implement."

It shouldn't be difficult to implement. During normal surfing, OpenDNS is transparent to the end user. When the user is presented a "blocked.. contact your administrator" page, the page could additionally contain a webform. The user would have an opportunity to enter the "bypass" password. When the form is submitted, if the correct password has been entered, the OpenDNS webserver response could set a SESSION cookie.

After the initial request, the user's client may (or may not) have cached the DNS info. In other words, user wouldn't necessarily be redirected to a "block" page on EVERY pageload...

but, if the OpenDNS webserver checked for the presence of a cookie, it could allow the user to passthru using a meta-refresh tag embedded into the block page, or the server could perform a redirect via HTTP response headers.

So, thumbs up -- I'm onboard, voting for this suggestion!

written by kurtisnelson 532 days ago Rating: 1 | Rate Comment: + -

I know that both windows and my router cache DNS, so that if I hit a blocked site and then unblock it, I have to clear all my caches. It is not really possible to have the DNS server report one thing some times and another differently.

written by Jeff 555 days ago Rating: 2 | Rate Comment: + -

This would be a great option. I'd like the ability to choose this by category, i.e. BLOCK and WARN options next to each category in the setup area. Then the option to override the block with a password, should an override password exist.

written by arafey 547 days ago Rating: 1 | Rate Comment: + -

The local high schools near my area have a similar setting. At least half the websites on the internet are blocked, even Wikipedia. However, if an administrator needs to access a certain website, there is an override button, it asks for a username and password and asks how long to keep sites unblocked. This way, you can go to the blocked site, say for 10 minutes and when someone else gets on the PC after, the session cookie expires and they're blocked again.

written by leebaldwin 537 days ago Rating: 3 | Rate Comment: + -

I would have voted for this, but what I would rather have seen was something like an administrative override password.

written by yateley 501 days ago Rating: 2 | Rate Comment: + -

I too, am voting for this, but would rather be allowed to enter an administrative password in order to temporarily override the blocking of a site/category, and only for the person in control of that administrative password - i.e. - ME!

written by tymes 497 days ago Rating: 3 | Rate Comment: + -

No, this isn't technically viable. Not only would it be hard to implement considering local computer and intermediate caching servers, but via DNS there is no method to determine who was making a request so other peeople would be given access without this splash page you all want.

You need proxy servers not opendns. Different beasts.

written by acolbeck 439 days ago Rating: 0 | Rate Comment: + -

This is exactly a job for the proxy server that OpenDNS already implements as a workaround to the Google toolbar.

written by sbrad 333 days ago Rating: 1 | Rate Comment: + -

I think the admin password workaround is a perfect idea and, in my opinion, one of the major things opendns is missing.

written by washuu 324 days ago Rating: 1 | Rate Comment: + -

tymes: are you sure this is not possible?

Of course DNS of blocked page will be this of blocked.opendns.com and cannot be changed, but when you hit blocked.opendns.com and type password, you can be redirected by http 302 code to true site IP.

written by edavid3001 276 days ago Rating: 0 | Rate Comment: + -

This would only be useful to me if I could set a different password for each category block.

For example, my users that are allowed webmail might know the webmail password. That would allow me to block webmail using OpenDNS (Currenty use 8e6 and Surfcontrol and some Squid.)

I could change the password weekly. Users allowed to video sites would know that password...

But I don't see how it would work. You would have to have extremely low TTL on the DNS of blocks. I've done DNS for almost a decade now. Windows DNS loves to replace the TTL with YEARS often enough. And many things implement a minimum TTL higher than X if the DNS TTL response is too low.

Open DNS works by me setting my DNS servers on my client, and then using Windows DNS. If I set DNS on my router only, then my clients can bypass openDNS by setting their DNS servers to any of a thousand DNS servers. So we assume control of the client with OpenDNS. What about an OpenDNS service that installs onto Windows/Mac which is a OpenDNS resolver. My client points to 127.0.0.1:53 which is the service which points to OpenDNS. That would allow many more features. My .02

written by shambley 253 days ago Rating: 0 | Rate Comment: + -

I provided pro bono support to a number of foster families. The kids like the opendns system as it means they have reasonable access to the internet and some trust from the 'Man'. As it is if one or more of the sites are blocked I have to access the net from an unprotected computer (works but a royal pain in the butt) to verify that were they want to go is in fact allowed under the rules. It would be nice, actually extremely helpful if I could click though via an admin password to verify the site.

Unintended benefit: as I'm the go to adult (I'm a retired foster parent that takes the roll of grand parent) I am given the opportunity to discuss the kid's need for visiting the site. Over time this has built trust and allowed problems to be addressed early on BEFORE they become serous.

written by evariel 234 days ago Rating: 0 | Rate Comment: + -

I'm voting for this as this feature is not that unusual using other means of web filtering like OpenDNS. Just put a disclaimer on the page, and saying that the I.P. will be monitored etc etc, but then again you might as well use an internal web filtering blocker than handles and recognize every single I.P that bypass this 'questionable' site.

written by damaruk 219 days ago Rating: 0 | Rate Comment: + -

This one has my vote, we want to block certain sites that have file shareing capabilitys but distribute patches / updates sometimes via such sites so some method of allowing once via some kind of password or code would be useful.

written by vamp_slayer 214 days ago Rating: 0 | Rate Comment: + -

I think this is a great idea, but there should definitely be a password used so the Administrators of a network have control over who can bypass the filters.

written by markehle 111 days ago Rating: 0 | Rate Comment: + -

I vote for this. We use OpenDNS at the library I work at, and it is the law that I should be able to unfilter sites at the patron's request. Right now I have no way of doing this. So far, it has not become an issue, but someday some butthead will walk in the door and decide to sue us because he could not get to his website. Similar things have happened, so I really could use this capability.

written by fkhass 67 days ago Rating: 0 | Rate Comment: + -

I don't think this is something for a DNS server to take on. For one thing, it requires that DNS requests be tracked to a particular machine and user on a LAN and they are not. Rather this is something that has to be implemented at the machine, user, or router level.

written by rafael.minuesa 16 days ago Rating: 0 | Rate Comment: + -

I guess you are aware that you can manage individual domains to make sure are always blocked (or always allowed) regardless of the categories blocked in your settings.

Rather than a link to the site being blocked, I would include a link to your settings page where you could whitelist that particular site.


Sign in to comment or register here.