Web content filtering on iOS devices
Web content filtering settings for iOS allow the admin to block or grant access to specific websites for secure browsing. The admin can regulate web access on iOS devices by either blocklisting or allowlisting URLs. It enables enterprises to restrict devices from accessing malicious sites and helps keep the devices secure.
Configure Web Content Filtering via policy
To manage access to the websites on iOS devices, create a policy containing the blocklisted or allowlisted websites and push the policy to the target devices. To configure the policy,
- Log in to your Hexnode UEM portal.
- Navigate to Policies > New Policy. Assign a suitable name and description (optional) for the policy. You can also choose to continue with an existing policy.
- Go to iOS > Security > Web Content Filtering. Click Configure.
- Choose the appropriate Filter Type: Blocklist or Allowlist.
Filter Type 1: Blocklist
To block access to specific websites,
- Choose the filter type Blocklist.
- Enter the URLs to be blocklisted. Use comma or semi-colon to separate multiple URLs. Add valid URLs only. Valid URLs start with ‘http://’, ‘https://’ and ‘rstp://’.
- Click on the Add button to enlist all the URLs to be blocked. To remove a URL from the list, click on the trash icon to the right of the URL.
You can also enable Apple’s built-in web filter by enabling the option “Restrict inappropriate Content”. It will block any content that includes profanity or sexually explicit language automatically. Although Apple is not entirely perfect with blocking, it reduces the need to add every URL to the blocklist manually. When you enable automatic filtering, you can see a text box right below to add URLs that you don’t want to be checked by the web filter.
After associating the web content filtering policy with the device, if the user tries to access any of the blocklisted pages (for instance, https://youtube.com), the device prompts that the given page is restricted.
Filter Type 2: Allowlist
To grant access to specific websites,
- Choose the filter type Allowlist.
- Enter the URLs to be allowlisted in the appropriate text field. Add a valid URL starting with either ‘http://’ or ‘https://’. Only a single URL can be entered at a time, so separating multiple URLs with a comma or semi-colon won’t work here.
- The Bookmark Name field allows you to create bookmarks in Safari. Name them, and they will appear as bookmarks.
- The Bookmark Path field specifies the location for bookmarks in Safari. Since Apple updated this setting, all bookmarks will be listed under the “Approved Sites” folder, irrespective of what you enter here.
- Click on the Add button to add the URLs to the list. All the allowlisted URLs are displayed right below the text fields. To remove any of the URLs from the list, click on the trash icon corresponding to the URL.
When the web content filtering policy is applied, and if the user tries to access any webpage other than (https://www.hexnode.com) the allowlisted ones, the device prompts that the given page is restricted. Thus, webpage access will be denied.
Associate Policy with iOS Devices
The web content filtering configurations created in the Hexnode UEM portal have to be attached to the devices to take effect. Follow any of the following methods to associate the policy with its target entities.
Method 1: If the policy has not been saved,
- Navigate to Policy Targets > Devices > +Add Devices.
- Choose the target devices and click OK. Click Save.
- You can also associate the policy with Device Groups, Users, User Groups, or Domains from the left pane of the Policy Targets tab.
Method 2: If the policy has been saved,
- Go to the Policies tab and choose the desired policy.
- Click on the Manage drop-down and select Associate Targets.
- Choose the target entities and click Associate.