This article applies to organisations with a 'Hybrid' setup (both On-Premise Appliance and Cloud), as well as On-Premise only and Cloud only setups.
Content Modification allows you to allow access to specific websites while blocking certain content types on the pages your users visit. For example, you can prevent access to rated content on BBC iPlayer.
You can split Content Modifications into three main categories:
- Search - These modifications affect what is displayed when using search engines by ensuring SafeSearch is always turned on or by filtering out inappropriate content in the results.
- Comment removal - These modifications remove comments and comment systems, helping to prevent inappropriate language from appearing on screen.
- General - These are for specific services.
See a list of all available Content Modifications and check their availability for On-Premise Appliance or Cloud Filter.
On-Premise Appliance
The instructions below show how to set up a Content Modification policy for your On-Premise Appliance. You can also see guidance on implementing specific Content Modification types.
Content Modification in On-Premise Appliance combines the configuration settings. For example, you can set the Content Modification to apply to Unauthenticated IPs for Who and a Location Object for the school site for Where. In this configuration, a user must be both in the Unauthenticated IPs User Group and onsite for the Content Modification policy to apply.
Step 1: Set up HTTPS Inspection
Create a HTTPS Inspection policy to Decrypt and Inspect the Everything category.
Alternatively, select the category for the specific service, for example YouTube specific content modifications require the YouTube category to be decrypted and inspected.
Step 2: Set up the Content Modification policy
Go to Guardian > Content modification > Manage policies and check if a listed policy already applies to the type of content you want to modify.
- If a policy exists, Edit it.
- If there is no policy, go to Guardian > Content modification > Policy wizard to create a new Content Modification policy.
- In the Who section, select who the policy applies to. Select either:
- Everyone to apply to all users
- One or more User Groups
- The single user icon and enter a username (not available in Cloud Filter)
- In the What section, select the type of content to be actioned by the policy. Select either:
Important: To prevent issues with the policy not applying or (if applied to Everything), having unintended effects, you must make sure your policies are targeted to the right thing. Check what to target using the Categories and Content Modifications lists.
- In the Where section, select where the policy should apply. Select either:
- Everywhere
- One or more network locations (IP or range of IPs)
- In the When section, select when the policy should apply from your list of Time slots.
- In the Action section, select:
Create a new type of Content Modification
You should only create a custom Content Modification if you are sure none of the existing types suit your scenario, and you know what content to block.
- Go to Guardian > Content modifications > Policy Wizard.
- Expand the Action section.
Select Create a new content modification. The page will open in a new tab. - Enter a Name and optional comment.
- Enter any HTTP Headers to the Request headers to override field.
Tip
Specify multiple items by separating them with a comma.
- Select Save.
- Close the tab and return to your original tab.
Cloud Filter
The instructions below show how to set up a Content Modification policy in Cloud Filter. Creating a new type of Content Modification in Cloud Filter is not possible.
Content Modification in Cloud Filter looks at the configuration settings separately. For example, you can set the Content Modification to apply to Unauthenticated IPs for Groups and a Location for the school site. In this configuration, a user can either be in the Unauthenticated IPs User Group or onsite for the Content Modification policy to apply.
Important
You can only manage Content Modification policies in Cloud Filter if you have a Cloud only setup. If your organisation has a hybrid setup (both On-Premise Appliance and Cloud Filter), you won’t see the Filter > Content Modifications menu.
Step 1: Check for a banner
Go to Filter > Content Modifications and check for a banner at the top of the page that says ‘Please note the changes you make to your content modifications will not be applied to your devices until your on-premise system has been updated to the latest release.’
- You can create and apply Content Modification policies if there is no banner.
- If there is a banner, you can create Content Modification policies, but they won’t be applied to your devices. You must contact Smoothwall Support to enable Content Modification to be applied.
Step 2: Decide whether to use our Default Content Modification policies
By default, these Content Modification policies are automatically switched on in the background:
- SafeSearch via CONNECT header
- YouTube - Comments removal
- Force SafeSearch
- YouTube - SafetyMode cookie
Using the toggle does not affect whether these policies are applied - unless we switch them off for you, the toggle will show as not enabled, but they are still applied.
If you do not wish for these policies to be enabled, please contact Smoothwall Support to switch these off.
Step 3: Set up a Content Modification policy
- Go to Filter > Content Modifications.
- If you have a multi-tenant environment, move to the top right of the page, and select a tenant to apply the Content Modifications to, or select All Tenants.
- Select the tab for the Content Modification types - General, Video Streaming, Media or Safe Search.
- Select the Content Modification type to expand the editor. Note that these Content Modifications do not work:
- YouTube - Disable mini-player
- YouTube - Remove sidebar
- Google - Remove lyrics from search results
- YouTube - Disable polymer
- In the Groups section, select who the policy applies to. Select either:
- Everyone to apply to all users
- One or more User Groups
- Leave blank
- In the Locations section, select where the policy should apply. Select either:
- Everywhere
- One or more network locations (IP or range of IPs)
- Leave blank
- In the Default action section, select either:
- Include: The Content Modification policy applies to the selected group and location.
- Exclude: The Content Modification policy applies to everything except the selected group and location.
- Switch the toggle to the On position.
Step 4: Publish your changes
- Go to Filter > Publishing.
- Select Publish to set your changes to Content Modification live.