Connect
Ask Community
Ask the community
Ask Community
  • Home
  • Android
  • What security and usability features should I enable in a kiosk browser to prevent users from exiting the app?

What security and usability features should I enable in a kiosk browser to prevent users from exiting the app?Solved

Profile photo of luuk
luuk
Participant
Discussion
Hexnode UEM
1 day ago Apr 16, 2026

Hey everyone, we’re deploying 50 tablets for a public exhibit and I’m struggling to keep people inside the browser. I need to lock it down so they can’t browse random sites or use the home/back buttons to get into the tablet settings. What are the specific settings and paths in the Hexnode portal to make this ‘bulletproof’? 

topic view count 18 Views
Reply

Replies (3)

Marked SolutionPending Review
Profile photo of aurora Veteran image
aurora
Participant
23 hours ago Apr 16, 2026
Marked SolutionPending Review

The first thing you need to do is restrict where they can go. In the Hexnode portal, go to Website Kiosk Settings. Here, you’ll see the URL Allowlist . Add your specific site URL here and use the wildcard if you want them to access sub-pages. This ensures the browser literally won’t load any other address.  

Marked SolutionPending Review
Profile photo of mees Veteran image
mees
Participant
21 hours ago Apr 16, 2026
Marked SolutionPending Review

Don’t forget about the physical buttons! People will try to use the Power or Volume buttons to force a crash or find a loophole Finally, to make sure you can still get in for maintenance, go to Kiosk Exit Settings in that same Kiosk Lockdown tab and set a Kiosk Exit Password 

Marked SolutionPending Review
Profile photo of mary_romero Hexnode Expert image
mary_romero
Hexnode Expert
16 hours ago Apr 16, 2026
Marked SolutionPending Review

Thanks for raising this question! To make things a bit easier for everyone to follow, I’ve summarized the points: 

Step 1: Restrict Web Access & Browser Engine 

First, you need to define the boundaries of the internet for your users. 

  • Navigate to: Policies > Kiosk Lockdown > Android Kiosk Lockdown > Website Kiosk Settings. 

  • The URL Allowlist: Add your specific site URL here. Pro tip: Use the * wildcard if you want users to navigate sub-pages. This ensures the browser won’t load any unauthorized addresses. 

  • Browser Selection: Set the Kiosk Browser to Hexnode Browser Lite. This is crucial as it uses Hexnode’s own secure engine to strictly enforce these allowlist rules. 

Step 2: Remove OS “Escape Routes” 

Even with the browser locked, users might try to use the Android system UI to exit the app. 

  • Navigate to: Policies > Android > Restrictions > Advanced. 

  • Hide Navigation & Status Bar: Check both boxes. This hides the Home, Back, and Recent Apps buttons, as well as the notification shade. Without these, the user is effectively “trapped” within the browser window with no UI buttons to exit. 

Step 3: Secure the Physical Hardware 

Don’t forget that physical buttons can be a loophole for users. 

  • Disable Buttons: Toggle the options to Disable Power Button and Disable Volume Buttons to prevent users from forcing a restart or crashing the kiosk interface. 

Step 4: Establish an Admin Backdoor 

Finally, you need a way to get back in for maintenance. 

  • Kiosk Exit Password: Set a secure password here. This allows an authorized admin to exit the kiosk by tapping the screen a specific number of times and entering the code, while keeping the general public locked on your site. 

Regards, 
Mary Romero 

 

Load more
Save
Related Topics

Leaderboard

Profile photo of bram Pro image
bram
2600 pts
Profile photo of timo-liam Veteran image
timo-liam
1730 pts
Profile photo of eliiza Novice image
eliiza
1657 pts
Profile photo of leo_scott Novice image
leo_scott
1557 pts
Profile photo of carter Novice image
carter
1515 pts
View all

Popular Tags

ABM (58)
Android (506)
iOS (380)
macOS (497)
Windows (357)
Apple TV (33)
App Management (388)
Enrollment (121)
Location (31)
Kiosk (243)
Scripts (94)
ADE (54)
OS Updates (81)
Android Enterprise (148)
View all