This article provides a list of some of the content modifications that Smoothwall provides, details of what they do, the particular categories that you should apply them against to avoid unwanted and unexpected side effects, and how they work.
To see an up-to-date list of all the content modifications generated on a regular basis, see our knowledge base article, Blocklist Categories and Content Modifications List.
Based on their behaviour, the content modifications can be split into certain categories:
- Search based
- Comment removal
- Browser vulnerabilities
- Antiquated content modifications
Each section includes a summary of each content modification available including what they do and which categories you should target them at.
- Items marked as Important must be configured using specific targets for the rule to be effective and to avoid unexpected side effects
- Items marked as Suggested should use specific targets to achieve maximum effectiveness and performance from your Guardian product.
These affect search queries made through the Smoothwall Filter, modifying the request to ensure that SafeSearch is always enabled, or modifying the response to ensure that inappropriate material is filtered out.
|Enforce Google SafeSearch [NEW]||Enforce Strict SafeSearch on Google without the need for Decrypt and Inspect||Web Search||Important|
|Force SafeSearch||Enforce SafeSearch on all major search engines||Everything||Important|
|Google Image Search: Basic Mode||Forces Google image searches to display in basic mode||Web Search||Important|
|Disable Google Instant||Disable Google instant predictions||Web Search||Important|
These remove comments and comment systems, which helps to prevent inappropriate content being displayed on screen.
|YouTube Comment Removal||Removes comments from all YouTube videos.||YouTube||Important|
|Blogger Comment Removal||Remove comments added to blogs using the Blogger CMS system||Everything||Suggested|
|Facebook Comment Plugin Removal||Remove the Facebook comments social plugin from appearing on non-Facebook websites.||Everything||Suggested|
|WordPress Comment Removal||Remove comments added to blogs using the WordPress CMS system||Everything||Suggested|
|Disqus Comment Removal||Remove comments added to blogs using the Disqus CMS system||Everything||Suggested|
These affect everyday browsing or are targeted at a very specific service.
|BBC iPlayer - Enforce Parental Guidance Lock||Enforce Parental Guidance lock on BBC iPlayer||BBC iPlayer||Important|
|Remove QUIC Header||Remove the QUIC header from requests and prevent access to websites over UDP 80/443||Everything||Suggested|
|YouTube - Disable Auto Play||Prevent YouTube from automatically playing the next video in the playlist.||YouTube||Important|
|YouTube SafetyMode Cookie||Enforce YouTube restricted mode on your network which helps filter out potentially mature content. This works by inserting a cookie that enforces Restricted Mode. HTTPS Decrypt and Inspect is necessary for this to work. This content modification should be used if you do not use GSuite for Education.||YouTube||Important|
|YouTube Restricted Mode||Enforce YouTube restricted mode on your network which helps filter out potentially mature content. This works by rewriting the HTTPS connect header to restrict.youtube.com. HTTPS Decrypt and Inspect is not necessary for this to work. This content modification is most appropriate if you use GSuite for Education.||YouTube||Important|
|All Popups||Prevent links from opening in a popup window||Everything||Suggested|
|Blink Tags||Remove <blink> and <marquee> tags||Everything||Suggested|
|Web Bugs||Remove 1x1 GIFs used for user tracking||Everything||Suggested|
|Window Moving||Prevent windows from resizing and moving themselves||Everything||Suggested|
These aim to prevent known browser vulnerabilities from being exploited.
|IE VML Rect tag Exploit||Removes vector graphics that could contain malicious code||Everything||Suggested|
|WPAD Hijacking||Prevent Internet Explorer proxy autodetection retrieving proxy settings from external sites.||Everything||Suggested|
|Microsoft HCP links||Remove “hcp://” links which may exploit Windows Help Center vulnerabilities||Everything||Suggested|
|Program Execution via Cross-site Scripting||Warn about potential cross-site scripting vulnerabilities||Everything||Suggested|
These are considered out of date and we plan to remove these. Some of these prevent browser vulnerabilities from being exploited but have since been patched, and some are just no longer required.
|firefoxurl: Cross-browser Exploit||Prevent ‘firefoxurl://’ URLs from being opened||Everything||Suggested|
|Firefox Cookie Stealing||Prevent vulnerability in Firefox (up to version 18.104.22.168) which allowed for cookies to be stolen||Everything||Suggested|
|Firefox DoS||Removes various DoS attacks targeting Firefox upto and including version 1.0.7.||Everything||Suggested|
|Disable iGoogle||Prevent users on the network from being able to use iGoogle||Web Search||Suggested|
|Nimda||Attempt to detect and stop Nimda infected server’s web pages.||Everything||Suggested|
|Body onLoad Action||Remove <body onload=> from HTML to prevent DoS on Internet Explorer 5.5 and 6||Everything||Suggested|
|CSS Cross-site Scripting||Remove the CSS import tag to prevent an antiquated Internet Explorer vulnerability||Everything||Suggested|
|CVE-2009-1136||Prevents exploitation of vulnerability in Microsoft Office Web Components Control Could Allow Remote Code Execution||Everything||Suggested|
|DirectAnim Exploits||Removes exploits in IE6 related to the DirectAnimation ActiveX control||Everything||Suggested|
|DirectX Media SDK Exploit||Removes DirectX Media SDK version 6.0 ActiveX exploit||Everything||Suggested|
|IE WebViewFolderIcon Exploit||Removes exploit relating to the setSlice method of the WebViewFolderIcon ActiveX control in IE 6||Everything||Suggested|
|IE Remote Code Execution||Prevent Internet Explorer remote code execution. See Microsoft Security Advisory 961051||Everything||Suggested|
|URI handling command execution||Prevents a vulnerability in Firefox running on Windows which enables remote command execution through URI handlers such as mailto||Everything||Suggested|