How to set up a deny list for all Etsy domains?
Hello, it's recently come to my attention that Etsy is a low-key porn website. Its littered with nudity and pornographic content and I want to block all traffic to it.
How do I make a deny list that also stops other country's flavors of a website? I know blocking Etsy.com should block all subdomains, but what about an Etsy.uk or Etsy.jp, etc?
I know those websites don't exist, but I know that some websites have different dot whatever varieties and I don't want to have to sniff them all out. I just want to *.domain.* and nuke it from orbit, take no prisoners. Can this be done?
7 replies
-
Those country-specific domains should redirect to the etsy dot com domain anyway, with images hosted on etsystatic dot com, so you can just block those two domains and Etsy won't work. Anyway, if you're worried about *Etsy*, you might as well just block all common TLD and then only whitelist specific websites.
-
Thanks for the tip on etsystatic.
Unfortunately I can't do a whitelist approach because you never know what websites you will need. So many things now require you to open some website in order to proceed with some workflow, that it just isn't feasible to list them all.
I do whitelist apps on the family's various iDevices, because otherwise NextDNS could simply be bypassed, but whitelisting every restaurant menu or parking lot website just isn't feasible.
Next DNS's Porn category blocking is pretty good. With safesearch and the Porn category blocking I've been able to eliminate mostly everything.
There are online shops that sell items for adults like lingerie (go search "crotchless" in amazon/ebay/etsy) but Etsy seems to not have any limits on what the seller can upload. There are uncensored videos of naked men and women, as well as all kinds of smutty products being sold on there.
Image searching legitimate adult products such as sex toys, lingerie, and micro-bikinis with safesearch turned on seems to be finding all of the major online stores that are problems for teenage boys. And while there are a lot, its not insurmountable.
I mention Etsy because it is just egregious. At least eBay and amazon make an attempt to moderate, Etsy doesn't even try.
-
A teenage boy deliberately trying to find T&A on the internet won't be stopped by a DNS filter. There is full-length porn on Wikimedia, which if you block would break Wikipedia. If they have access to desktop Chrome/Firefox, they can just use any DoH server (including NextDNS' own non-blocking address). Even if they're seemingly tech-allergic, I guarantee any horny boys will learn to set up their own proxy when it comes to that.
-
T&A on the Internet, accessing Facebook outside parental controls, circumventing PIN codes on digital cable boxes, playing Age of Empires or hosting LAN tournaments at school computers, sneaking a dirty magazine out of the cornerstone. Go back to any era or generation and you’ll find a kid outsmarting an adult. Ha-ha!
-
Martheen I accidentally didn't reply to this, but yeah I agree it's a daunting task. My post is pending review but I'm not sure why. But also Brave browser comes prepackaged with a VPN in it. Because of this I only allow safari to be installed because it is the only browser that respects the configuration profiles and doesn't give an option to not use them. For other browsers, config profiles are just suggestions. Thankfully the safari browser has much greater configuration capabilities because apple has special restrictions specific to safari.
Boys will be boys, they'll find material to get it done with, as we always have
But nobody ever got addicted to a Sears catalogue, if you catch my drift. I just don't want them falling down a bottomless pit.
-
-
Oh I have the computers, network, and iDevices on lockdown.
I have a Mac admin I befriended helping me with unremovable profiles on iOS and macOS devices. It's this software called iMazing which allows you to use Device Supervision that is normally only available to businesses and schools. They can log in with their appleids such that they are technically their phones, but the phones themselves are actually locked and signed to my appleid keychain. They can't add or remove configuration profiles of any kind so that they must go through NextDNS, similar to how on a work phone, you are typically forced to go through the company VPN with no bypassing. And I have to whitelist any app they want installed.
And on the macOS computers it's the same thing, I'm the only admin, locked config profiles, they can't install anything, and can only log in as my account if they have my yubikey. No windows PCs allowed, I'm not going to even F with windows.
The Verizon 5G gateway is in bridge mode and I gave it a strong password. The Gryphon router also has a NextDNS profile, and that router is excellent for parental controls. Every device on the network can have all kinds of additional with its software, and you can only log into that router with the gryphon connect software. Both the gateway and the router are locked inside of a fiberglass enclosure mounted to a closet wall from the inside. (with actual keys, I installed real locks)
I know it sounds draconian, but I don't want them developing an unhealthy relationship with technology like so many people have. Like I mentioned, there are so many things you need a browser for in this world today, I can't possibly think of everything. Sometimes you need a browser to park in a car parking lot, or authenticate some transaction, or view a menu.
In addition to trying to eliminate as much porn temptation as possible, there's no video streaming or video games on theirs (and mine) phones or computers either. My goal is to have phones and computers be tools, used with intention, not a source of distraction and entertainment.
For games we have consoles, for watching videos we have TVs. And I must say it's working well. My kids don't have a phone or computer addiction like so many of their friends do. Their phones stay in their pockets for the most part while they watch YouTube or play games in the living room or den.
I don't hide any of this from them, I let them know exactly what I'm doing and why I'm doing it, and what I'll do if I find them trying to bypass my restrictions. I don't snoop on their traffic. I'm not trying to eliminate every sexy photo of women in bikinis or underwear from the internet (because I know they need something, we've all been there), I just want to nuke big problems as I find them.
Also they didn't find Etsy's pornographic content and nudity, I found it through google image search. My goal is to stay ahead of them.
And you bring up a good point @Martheen, I think I might want to investigate proxy websites, but I definitely don't think they are quite that tech savvy yet. They use computers with intention and would rather be watching YouTube or playing games on the TV. And on their phones they prefer to call their friends instead of texting.
I'm interested in NextDNS's "Block Bypass Methods" if this has a list of proxy websites, but I worry about the VPN part of it. I've found that when you disable VPN technologies through routers and such, that it also block's Apple's updates, iCloud, and Find My features.
-
If anyone is interested in locking down their household internet as well, here is that fiberglass enclosure I mentioned. Its incredibly sturdy and heavy duty and well worth the money if you want something that is 5G and wifi friendly that is also large and super strong with key lock support
Content aside
- 1 yr agoLast active
- 7Replies
- 223Views
-
3
Following