Block content on an allowed site using Content Modification Policies

This article applies to organisations with a 'Hybrid' setup (both On-Premise Appliance and Cloud), as well as On-Premise only and Cloud only setups.

 

You can use Content Modification to allow access to specific websites while blocking certain content types on the pages your users visit. For example, you can:

  • Block rated content on media websites
  • Prevent inappropriate content from showing in search results
  • Remove comments from web pages.

See a list of all available Content Modifications and check their availability for On-Premise Appliance and Cloud Filter.

Hybrid (On-Premise Appliance and Cloud Filter)

By default, you manage your Content Modifications using the On-Premise Appliance. Follow the guidance for On-Premise Appliance, or move to using Cloud Filter by following the steps below.

Before you begin

  • Update your Smoothwall On-Premise Appliance to Maiden-26 or above to manage Content Modification in Cloud Filter. Without this update, you won’t be able to edit anything on the Filter > Content Modifications page, and you’ll see a banner that says: ‘To manage Content Modification from Cloud Filter, update your On-Premise Appliance to Maiden-26 or above.’
  • If you continue to use the On-Premise Appliance to apply Content Modification and filtering as well as or instead of the Cloud Extension:
    • Ensure you have a HTTPS Inspection Policy to Decrypt and Inspect the Everything category.
    • If this is not possible, use the relevant category for the Content Modification. For example, for Vimeo - Force mature content filter, Decrypt and Inspect the Vimeo category.

Manage Content Modification from Cloud Filter

  1. Sign in to On-Premise Appliance.
  2. Once the setup in Cloud Filter is complete, you’ll no longer be able to see the Content Modification Policies you configured in On-Premise Appliance. Go to Guardian > Content modifications > Policy Wizard to review and note down your configuration.
  3. Log out of On-Premise Appliance.
  4. Sign in to Cloud Filter.
  5. Cloud Filter works differently from On-Premise Appliance in that you can’t set up the same Content Modification Policy to apply in a different way to different User Groups. You’ll need to create User Groups for the specific list of users to whom the Content Modification should and should not apply.
  6. Follow the guidance for Cloud Filter to toggle at least one Content Modification on, with both the Groups and Locations fields configured.
  7. Publish your changes.
  8. If you go to the Policy Wizard page in your On-Premise Appliance, you’ll see a banner that says: ‘Your content modifications are now managed via the cloud portal.’ You’ll see a list of the Content Modifications applied from Cloud Filter for your reference, but you can’t edit your Content Modification Policies from here.

Because you can set up global and tenant-specific Content Modification policies in Cloud, you’ll see a section for each with a list of the applied Content Modifications ordered alphabetically.Cloud does not assign a number to policies because it does not apply them from top to bottom in each table. However, it applies tenant-specific policies before any global policies.

  • Where you have a Content Modification Policy in Cloud Filter with Include as the Default Action, you’ll see one row in On-Premise Appliance with the Action of Apply.
  • Where you have a Content Modification Policy in Cloud Filter with Exclude as the Default Action, you’ll see two rows in On-Premise Appliance to Ignore the Content Modification for the selected users, and Apply it for Everyone else.

Image 1: Example Content Modifications applied from Cloud Filter showing in On-Premise Appliance.

 

Switch back to using On-Premise Appliance

  1. Sign in to Cloud Filter and go to Filter > Content Modifications.
  2. Switch the toggle for all Content Modifications to the Off position.
  3. Go to Filter > Publishing and select Publish. The On-Premise Appliance automatically applies the Content
  4. Modification Policies you used before moving to Cloud Filter.
  5. Sign in to On-Premise Appliance and go to the Policy Wizard page to edit or delete your On-Premise Appliance Content Modification Policies.

 

On-Premise Appliance

Follow these steps to manage Content Modification Policies in On-Premise Appliance.

Important

You can only create global Content Modification policies in On-Premise Appliance. To create policies for specific tenants, use Cloud Filter.

 

Before you begin

Ensure you have a HTTPS Inspection Policy to Decrypt and Inspect the Everything category.

If this is not possible, use the relevant category for the Content Modification. For example, for Vimeo - Force mature content filter, Decrypt and Inspect the Vimeo category.

Set up a Content Modification policy

Go to Guardian > Content modification > Manage policies and check if a listed policy already applies to the type of content you want to modify.

  • If a Content Modification Policy exists, Edit it.
  • If there is no policy, go to Guardian > Content modification > Policy wizard to create a new Content Modification policy.
  1. In the Who section, select who the policy applies to. Select either:
    • Everyone to apply to all users
    • One or more User Groups
    • The single user icon and enter a username (not available in Cloud Filter)
  1. In the What section, select the type of content to be actioned by the policy. Select either:

Important: To prevent issues with the policy not applying or (if applied to Everything), having unintended effects, you must make sure your policies are targeted to the right thing. Check what to target using the Categories and Content Modifications lists.

  1. In the Where section, select where the policy should apply. Select either:
  1. In the When section, select when the policy should apply from your list of Time slots.
  1. In the Action section, select: 
    • Whether to Apply or Ignore the Content Modification selected
    • One or more Content Modification items to apply (built-in or custom)

 

Policy folders

Policy folders can help you organise policies, such as to group them by User Group. Anything entered into the Who, What, Where and Action fields of the Policy folder will apply to the policies created within that Policy folder.

Important

  • You can’t move existing policies into Policy folders, so you must delete and recreate any policies within the Policy folder.
  • You can’t create sub-folders within Policy folders.
  • If you use the Smoothwall Extension, you should not set up Policy folders. Content Modification Policies within Policy folders do not apply to devices using the extension.

 

Create a Policy folder

  1. Go to Guardian > Content modifications > Policy Wizard.
  2. Fill in or leave blank the Who, What, Where and Action fields as required, leaving at least one blank.
  3. Ensure the Enable Policy checkbox is selected.
  4. Select Confirm.
  5. On the next page, select Save.

Add policies to the Policy folder

  1. Go to Guardian > Web Filter > Manage Policies.
  2. Select the folder icon.
  3. Fill in or leave blank the Who, What, Where and Action fields as required. Any fields set for the Policy folder will apply and can’t be edited.
  4. Ensure the Enable Policy checkbox is selected.
  5. Select Confirm.
  6. On the next page, select Save.

Cloud Filter

Follow these steps to manage Content Modification Policies in Cloud Filter.

Important

You can’t create custom Content Modifications, or group Content Modification Policies into Policy folders in Cloud Filter.

 

Step 1: Decide whether to use our Default Content Modification policies

This step only applies if you moved to Smoothwall with a Cloud-only setup in 2024 or earlier.

In this scenario, these Content Modification policies are automatically switched on in the background:

  • SafeSearch via CONNECT header
  • YouTube - Comments removal
  • Force SafeSearch
  • YouTube - SafetyMode cookie

The toggle does not affect these Content Modification Policies. Even if the toggle appears off, these policies remain active unless we switch them off. Contact Smoothwall Support if you do not want these policies applied.

Step 2: Set up a Content Modification policy

  1. Go to Filter > Content Modifications.
  2. If you have a multi-tenant environment, move to the top right of the page, and select a tenant to apply the Content Modifications to, or select All Tenants.
  3. Select the tab for the Content Modification types - General, Video Streaming, Media or Safe Search.
  4. Select the Content Modification type to expand the editor.
  5. In the Groups section, select who the policy applies to. You must select something in this field for the Content Modification to work. Select either:
    • Everyone to apply to all users
    • One or more User Groups
  6. In the Locations section, select where the policy should apply. You must select something in this field for the Content Modification to work. Select either:
  7. In the Default action section, select either:
    • Include: The Content Modification policy applies to the selected group and location.
    • Exclude: The Content Modification policy applies to everything except the selected group and location.
  8. Switch the toggle to the On position.

Step 3: Publish your changes

  1. Go to Filter > Publishing.
  2. Select Publish to apply your changes.