Showing results for 
Search instead for 
Did you mean: 






URGENT WARNING! Vodafone content filtering no longer works for some browsers in "Private" mode.

4: Newbie

It seems that certain browsers (Apple's Safari, Google Chrome) have switched to sending type 65 (HTTPS) DNS requests by default to resolve domain names when the user is in "Private" mode to maximise the security of these protections.

Unfortunately, it appears that VF's Content Control solution only works/is only applied to the more traditional type 1 (A) requests and, as a result, anyone('s teenage children*) can bypass the filters simply by opening a private browsing window on their computer or device.

Without wishing to be a Helen Lovejoy**, I do think this really needs fixing, ASAP!

(* this is the voice of experience speaking)
(** "Won't somebody please think of the children?!")



16: Advanced member
16: Advanced member

Firefox has used DoH (DNS-over-HTTPS ) for sometime. (and not only in private mode)

Surely it is the parents responsibility to control their children's use of the internet, they shouldn't rely on 3rd parties to do it.

And, if their children are in any way I.T. literate (and whose kids aren't), simple DNS filtering is so easy for them to overcome.

All it does is give the parents a false sense of security.

As much as anything, I'm trying to address the false sense of security by alerting people to the fact.

16: Advanced member
16: Advanced member

@raimesh Then not use MS Edge in its default settings as it ignores loads of stuff the consumer may have setup. But this behaviour in "private mode" is well documented.

I didn't mention MS Edge, but seeing as how you have I've checked and, interestingly, that's one browser that doesn't have this problem on an almost new Win11 build or on MacOS.

But, at the end of the day, VF either need to update their filtering services to take account of the need to filter newer types of DNS requests, or they need to make it clear on their content filtering pages how easy it is to avoid the filters.

16: Advanced member
16: Advanced member

You're preaching to the converted here.

Whilst, in an ideal world, an ISP could provide safe filtering, today's browsers provide DoH as their way of helping us stay secure without considering the implications. You want a way to prevent users on your network bypassing security then that's your problem. Vodafone's obligation is just to provide connectivity. 

16: Advanced member
16: Advanced member

@raimesh  Yup Edge doesn't have the "problem" as you see it because it has it's own idea of what it thinks is good security. If you like your browser trying to circumvent your personal security plans then use Edge at default settings, otherwise do have a look at all the "wonderful" and "helpful" features that MS thinks you need.