So Your Students Are Getting Around the School Web Filter?

Getting Around Web Filters

Ever since CIPA was enacted in 2001, school districts have been using web filters to keep their students safe online. And ever since filters have been implemented, students have been trying to get around them.

Trying to knock down and prevent circumvention techniques such as VPNs can feel frustrating at best, futile at worst. As soon as you find one way students are circumventing the filter, they find another. It’s almost like playing a game of whac-a-mole.

Don’t give up though, there is hope. 

Web filtering has come a long way since 2001. In those early days of CIPA, blocking certain URLs and relying on reputation-based web filtering was enough to block out the worst of what students might come across online, unintentionally or otherwise.

But, no matter how advanced your web filter, some students will do their best to find holes or workarounds. Students are also more technologically savvy than they’ve ever been. Understanding how they typically do that—and how to prevent it—can go a long way towards improving the efficacy and longevity of your web filter. There are a multitude of ways that students get around content filters.

How To Get Around Web Filters

Wondering how students keep sneaking past your web content filter? Here are five of the most common ways.

Proxy Websites

One of the first ways students learned how to get around web content filters back in the good old days (the late '90s) was through proxy websites. Two decades later, it still remains one of the top methods. Proxy websites act sort of like a “browser within a browser.” Students search for them online and use them to access sites anonymously. They change rapidly, though, so blocking individual sites isn’t enough.

VPNs

Students can download VPNs or virtual private networks on Google Play, and use them to bypass the filter at school. With so many VPNs coming up each day, it’s tricky to pinpoint which are being used to get around the internet filter.

Sneaky USBs

Another way USBs can be used is to smuggle in Firefox and run it on school devices without the web filter recognizing it. A sort of Trojan Horse for search engines, all students need to do is bring in the aptly-nicknamed thumb drives and plug them in wherever they’re working (or not working).

Stealing Passwords

The most old-school—but no less serious—way students are getting around web filters is by snagging WiFi and other passwords from teachers or staff. While it may be tempting to store passwords somewhere easily accessible, students have sharp eyes and it’s best practice to encourage the teachers in your school district to keep their passwords protected. 

Cell Phones

Good luck getting students to give up their phones, but like it or not, they’re here to stay. And with them? Unfiltered web access. Wherever students bring their phones, they have the internet at their fingertips. With cell phone jammers being illegal (and for good reasons, including safety), technology may not be the answer here. 

How to Prevent Students Getting Passed Web Filters

If these sound insurmountable, rest assured there are some strategies you can implement to significantly reduce web filter workarounds. You might not be able to catch every single one, but there will be fewer students exposed to distracting—and potentially dangerous—online content.

AI and Heuristics

With things like VPNs and proxy websites, blocking URLs simply isn’t enough. You’ll want to use technology that has machine learning built in it to identify the common behaviors of circumvention. For instance, VPNs use brute force—if one URL is blocked, it tries another. Smart filters can identify this behavior and block the VPNs before students are able to use them.

True Content Filtering

DNS filters are quite easy to trick with simple processes such as IP access. Additionally, chrome VPNs are very prevalent on bring-your-own-device (BYOD) networks. Full Layer 7 filtering is necessary to prevent circumvention. CIPA compliant filters today need to have visibility across all ports on TCP and UDP.

Deny or Limit Port Access

When it comes to VPNs or USBs with TOR or something similar on them, though, denying or limiting port access can go a long way towards preventing their use. Options include locking access to ports without a teacher’s permission, and/or limiting the use of specific ports (eg. one could be used just for email, etc.)

Real-Time Monitoring

A more advanced technique to prevent students from getting around the web filter is using real-time monitoring to see what exactly students are up to on their devices. A tool that gives classroom management control over to teachers can help prevent filter workarounds.

Keep Passwords Private

It might sound like common sense, but the only way to prevent students from getting passwords for getting around filters is to prevent them from finding them in the first place. Make sure all staff has sufficiently secured passwords, and that they’re stored safely and updated often.

Foster a Culture of Safety 

Ultimately, one of the best things any school can do when it comes to their web filters is to foster a culture of internet safety. This can include continued education for the IT department and teachers alike, lessons for students on internet safety, and investing in a comprehensive and integrated tool for your school(s) to manage their web filtering safely and effectively.

Linewize Content Filtering

The Linewize web filter leverages its AI technology to identify and stop circumvention use among students. Read our whitepaper to get a more in-depth look at how our platform does this and contact us today to learn how we can help you.