Web content filtering level changes not working
In the "Choose your filtering level" option, I selected Custom and selected the categories important to me and I also have a few sites in the whitelist and blacklist under "Manage individual domains." I have found that any change I make to the "Choose your filtering level" does nothing. I even went so far as to select "None" and there is no effect. I have waited hours and never has the change made at the website been reflected. This has been going on all summer and am just now finally posting a question about it.
The black/white list functionality does work. I can add/remove domains and in 3 to 5 minutes the change is reflected when I try to access the URL.
What can I do to get this functionality back?
Thanks!
-
Thanks, have followed the support content here and elsewhere, trying to unblock www.hanes.com to buy a sweatshirt. The Opens DNS is blocking the site. I have taken the router off the DNS address for the Open DNS Home VIP Web Content Filter (substituting my ISP default DNA address), and can then get to the www.hanes.com, but then there is no web filter. I have flushed the caches several times, I have rebooted several times, and using IE 11, have deleted everything that can be deleted in the Tools, General menu. I am using the Custom setting in Open DNS Web Content Filter not checking "lingerie" and I have added www.hanes.com to the "Never Block" list. No avail over several days. Any thoughts? May be one of the other settings is triggering the block. In the past month have also used and removed Firefox and Chrome, maybe something left over there?
-
First of all, in case of this website, do not whitelist subdomains but the whole zone hanes.com which covers this and all its subdomains. And www.hanes.com is an alias of www.hanes.com.edgekey.net and e4016.b.akamaiedge.net. Also, this site uses more domains than just hanes.com, almost CNAMEs, like www.justmysize.com, fast.fonts.net, www.onehanesplace.com. Ensure that you don't have blocked any of those.
See https://dashboard.opendns.com/stats/381799/blockeddomainsAlso, hanes.com (and subdomains) are categorized as Ecommerce/Shopping, Lingerie/Bikini. If you haven't checked these categories, then it should not be blocked, and you shouldn't need to whitelist it.
You may want to post the complete plain text output of the following diagnostic commands here (trailing dots are part of the commands):
nslookup -type=txt debug.opendns.com.
nslookup www.hanes.com.
nslookup www.onehanesplace.com.
-
Here is the plain text of the first command
C:\Users\L>nslookup -type=txt debug.opendns.com.
Server: router.belkin
Address: 192.168.2.1Non-authoritative answer:
debug.opendns.com text ="server 1.ash"
debug.opendns.com text ="flags 20 0 2F6 7E00000014C1"
debug.opendns.com text ="originid 22550759"
debug.opendns.com text ="orgid 245955"
debug.opendns.com text ="actype 2"
debug.opendns.com text ="bundle 6270021"
debug.opendns.com text ="source 98.30.34.12:32769"
-
Second plain text reply
C:\Users\L>nslookup www.hanes.com
Server: router.belkin
Address: 192.168.2.1Non-authoritative answer:
Name: www.hanes.com
Addresses: 67.215.65.130
67.215.65.130 -
www.hanes.com is indeed clearly blocked for you. This 67.215.65.130 is not their IP address, but OpenDNS's hit-adult.opendns.com indicating that the site is being blocked by your category settings. Ensure that you have added hanes.com to your "never block" list and that you flushed your two caches (local resolver and browser) and wait 3 minutes before you attempt to visit it again.
Also ensure that 98.30.34.12 is registered with your network at https://dashboard.opendns.com/settings/ and not any other IP address.
-
The above was meticulously followed but it did not unblock the site. Somewhere somehow the site is simply indelibly marked as blocked. Is it possible that since I had used Firefox and Chrome that it has files that are shared with IE, but that the IE browser cache flush (Using the Tools menus) and ipconfig /flushdns does not affect?
-
No, there's nothing magic in the game. There must be a simple explanation. Do you have hanes.com in your "never block" list?
And clearing the browser cache takes effect only in this browser and under this user being logged on.
And you do not need to test with a browser as long as "nslookup www.hanes.com." returns this OpenDNS IP address of 67.215.65.130, because it is blocked then. I.e. testing with this command alone is already fully sufficient. You even doen't need to flush any cache unless your router maintains an own cache too. A reboot of the router should help here.
The command "nslookup www.hanes.com." would normally return something like:
Name: e4016.b.akamaiedge.net
Address: 92.122.244.90
Aliases: www.hanes.com, www.hanes.com.edgekey.netIt's also worth visiting your blocked domain stats to see what is being blocked and why: https://dashboard.opendns.com/stats/all/blockeddomains
-
"same problem" - Same answer. Copying from above:
You may want to post the complete plain text output of the following diagnostic command here (trailing dot is part of the command):
nslookup -type=txt debug.opendns.com.
I.e. without this and maybe other additional information from you nobody can help. You also had to post a screen shot of your category / whitelist / blacklist settings and the names of the domains where you don't get the expected results for.
-
There are two places on your computer that store DNS information, that are checked before your request goes out to OpenDNS - first your browser cache and then your operating system cache.
These excerpts from a couple different sites helped this novice user:
"Different applications cache the data for a specific period of time. IE10+ will store up to 256 domains in its cache for a fixed time of 30 minutes. While 256 domains might seem like a lot, it is not – a lot of pages in the internet have more than 50 domains referenced thanks to third party tags and retargeting. Chrome, on the other hand, will cache the DNS information for one minute, and stores up to 1,000 records. You can view and clear the DNS cache of Chrome by visiting chrome://net-internals/#dns." http://blog.catchpoint.com/2014/07/15/world-dns-cache-king/
"The whole reason for caching DNS records is to reduce unnecessary DNS queries; many webservers don’t change their IP addresses all that often. Every DNS record that your operating system requests has what is called a “Time to Live” (TTL), which is a number (in seconds) that determines how long a particular DNS record is cached by your Operating System (OS).
As the Internet has grown, web browsers have gotten faster and better at providing a good user experience. One of the ways they do this is to cache DNS records for a short time on top of the OS level cache.
When you visit a website (like Dyn.com), your web browser needs to resolve that domain name to an IP address before it can load the page. When your web browser makes a request for that DNS record, it first checks [the browser cache and then the] operating system resolver. If the IP for the domain name isn’t cached there, your OS queries your nameserver for the DNS record, which then gets passed to the browser. When the TTL has passed, your OS purges that resolved domain from the cache and subsequent requests to that domain would cause a new query to your nameserver.
TTL values are set per DNS record. In the past, a very common value of 86400 (24 hours) was used. As the Internet has grown, this value has become too large for some sites. Load balancing, active failover, disaster recovery and many other things work and benefit from setting a deliberately low TTL in their DNS record.
A simple program I wrote to query the top 1000 websites (according to Alexa) shows 212 hits with a TTL value of 300 (5 mins), 192 hits with a TTL of 3600 (1 hr), 116 hits with a TTL of 600 (10 mins) and 79 hits with a TTL of 86400. The rest of the results had hits in the 50s and less, ranging anywhere from a TTL of 5 (1 hit) to a TTL of 864000 (1 hit).
You may be wondering why web browsers would even cache DNS entries if the operating system already does this. Supposedly, this happens to reduce DNS server load and speed up response time, although I can’t imagine a hit on your OS DNS cache is all that expensive of an operation. Mozilla has even documented this behavior here. Most other browsers do this too, though their times seem to vary somewhat, ranging from 15 to around 60 seconds with Opera caching (seemingly) indefinitely until browser restart and Internet Explorer for 30 minutes." http://dyn.com/blog/web-browser-dns-caching-bad-thing/
If I have a wrong understanding, I'm sure rotblitz will correct me - hopefully gently, as it's not always the case.
-
Hi, I know this topic is quite old, but I have a similar problem and don't know how to solve it. My DNS status after testing shows that everything works fine, and I use OpenDNS updater to update IP, which also works.
I cleared DNS on my Mac OS, browsing history on Chrome and Brave. And additionally, DNS under chrome://net-internals/#dns.I have checked Web Content Filtering for Custom with some specific website categories, and I still can access them.
This is my parameters:
Server: 208.67.222.222
Address: 208.67.222.222#53
Non-authoritative answer:
debug.opendns.com text = "server r1.wrw1"
debug.opendns.com text = "flags 20040020 0 70 180000000000000000007950800000000000000"
debug.opendns.com text = "originid 0"
debug.opendns.com text = "orgflags 2000000"
debug.opendns.com text = "actype 0"
debug.opendns.com text = "source 87.206.204.209:51672"
I hope that someone can help me with that.
Please sign in to leave a comment.
Comments
18 comments