So Your Students Are Getting Around the Filter?

Ever since CIPA was enacted in 2001, school districts have been using web filters to keep their students safe online. And ever since filters have been implemented, students have been trying to get around them.

Trying to knock down and prevent circumvention techniques such as VPNs can feel frustrating at best, futile at worst. As soon as you find one way students are circumventing the filter, they find another. It’s almost like playing a game of whac-a-mole.

Don’t give up though, there is hope. 

Web filtering has come a long way since 2001. In those early days of CIPA, blocking certain URLs and relying on reputation-based web filtering was enough to block out the worst of what students might come across online, unintentionally or otherwise.

But, no matter how advanced your web filter, some students will do their best to find holes or workarounds. Students are also more technologically savvy than they’ve ever been. Understanding how they typically do that—and how to prevent it—can go a long way towards improving the efficacy and longevity of your web filter.

How They Do It

Wondering how students keep sneaking past your filter? Here are five of the most common ways.

Proxy Websites

One of the first ways students learned how to get around web filters back in the good old days (the late '90s) was through proxy websites. Two decades later, it still remains one of the top methods. Proxy websites act sort of like a “browser within a browser.” Students search for them online and use them to access sites anonymously. They change rapidly, though, so blocking individual sites isn’t enough.

VPNs

Students can download VPNs or virtual private networks on Google Play, and use them to bypass the filter at school. With so many VPNs coming up each day, it’s tricky to pinpoint which are being used to get around the filter.

Sneaky USBs

Another way USBs can be used is to smuggle in Firefox and run it on school devices without the web filter recognizing it. A sort of Trojan Horse for search engines, all students need to do is bring in the aptly-nicknamed thumb drives and plug them in wherever they’re working (or not working).

Stealing Passwords

The most old-school—but no less serious—way students are getting around filters is by snagging WiFi and other passwords from teachers or staff. While it may be tempting to store passwords somewhere easily accessible, students have sharp eyes and it’s best practice to encourage the teachers in your district to keep their passwords protected. 

Cell Phones

Good luck getting students to give up their phones, but like it or not, they’re here to stay. And with them? Unfiltered web access. Wherever students bring their phones, they have the internet at their fingertips. With cell phone jammers being illegal (and for good reasons, including safety), technology may not be the answer here. 

Find the Right Balance (14)

 

How to Prevent It

If these sound insurmountable, rest assured there are some strategies you can implement to significantly reduce web filter workarounds. You might not be able to catch every single one, but there will be fewer students exposed to distracting—and potentially dangerous—online content.

AI and Heuristics

With things like VPNs and proxy websites, blocking URLs simply isn’t enough. You’ll want to use technology that has machine learning built in it to identify the common behaviors of circumvention. For instance, VPNs use brute force—if one URL is blocked, it tries another. Smart filters can identify this behavior and block the VPNs before students are able to use them.

True Content Filtering

DNS filters are quite easy to trick with simple processes such as IP access. Additionally, chrome VPNs are very prevalent on bring-your-own-device (BYOD) networks. Full Layer 7 filtering is necessary to prevent circumvention. CIPA compliant filters today need to have visibility across all ports on TCP and UDP.

Deny or Limit Port Access

When it comes to VPNs or USBs with TOR or something similar on them, though, denying or limiting port access can go a long way towards preventing their use. Options include locking access to ports without a teacher’s permission, and/or limiting the use of specific ports (eg. one could be used just for email, etc.)

Real-Time Monitoring

A more advanced technique to prevent students from getting around the web filter is using real-time monitoring to see what exactly students are up to on their devices. A tool that gives classroom management control over to teachers can help prevent filter workarounds.

Keep Passwords Private

It might sound like common sense, but the only way to prevent students from getting passwords for getting around filters is to prevent them from finding them in the first place. Make sure all staff has sufficiently secured passwords, and that they’re stored safely and updated often.

Foster a Culture of Safety 

Ultimately, one of the best things any school can do when it comes to their web filters is to foster a culture of internet safety. This can include continued education for the IT department and teachers alike, lessons for students on internet safety, and investing in a comprehensive and integrated tool for your school(s) to manage their web filtering safely and effectively.


The Linewize web filter leverages its AI technology to identify and stop circumvention use among students. Read our whitepaper to get a more in-depth look at how our platform does this.


Would you like some more information? Or a demo?
Get in touch
Subscribe to our newsletter
Follow us on social media

Recent posts

 
How to get teachers to adopt modern technology

Modern technology has the potential to transform classrooms. The possibilities of an increasingly digital and connected world are nearly ...

 
Everything you need to know about E-rate this year

At the start of the 21st century, when the calendar flipped from ’99 to ’00, just over half of all American adults used the internet. ...