We have launched the new version of the DrayTek website, and this content is no longer being maintained.
You will find more information on our new site; however, we will keep this page for a few months.

How to block all the social networking websites with Web Content Filter (WCF)?

This Video was presented by DraytekUSA

We may use URL Content Filter to block a specific website; however, if we want to block all the social networking websites, Web Content Filter (WCF) is an easier way. Web Content Filter is a category-based filter, which helps network administrators efficiently control the types of websites that the LAN client allowed to visit. Here we demonstrate how to use Web Content Filter and DNS Filter to block all the social networking websites.

(For using WCF on Vigor3900, Vigor2960, and Vigor300B, please refer to the article here)


1. Add a new WCF profile: Go to CSM >> Web Content Filter Profile,

  1. Make sure the Cyren license is activated. (Check “How to Register My Vigor Router and Activate a Free WCF Trial License?” if you don't have a license yet.)
  2. Click on an available index to add a new profile.

2. Configure the WCF profile as follows:

  1. Enter a profile name, here we fill out Social Network
  2. Set action type to “Block”
  3. Select the category of websites you would like to block, the category of a website can be checked from http://www.cyren.com/url-category-check.html. Here we choose “Social Networking”.

3. To make sure the HTTPS websites will be filtered as well, a DNS Filter is also required. Go to CSM >> DNS Filter, and click on a profile index.


For the older Vigor Router which does not support DNS Filter profile, please just edit the DNS Filter on CSM >> DNS Filter page, and note that it will apply to all the LAN clients.


4. Edit the DNS profile as follows,

  1. Enter Profile Name
  2. Select WCF as Web Content Filter Profile created in Step 2
  3. Click OK to save

5. To apply the Web Content Filter and DNS Filter, go to Firewall >> Filter Setup >> Set 2, and click on a Filter Rule number

  1. Enable the Filter Rule
  2. Edit Source IP if you would like to block only some IP from social networking websites, or you may just leave it as "Any" if you would like to apply the filter rule to all the LAN clients
  3. Select Filter as Pass Immediately
  4. Select Web Content Filter as the profile created in Step 2
  5. Select DNS Filter as the profile created in Step 3
  6. Click OK to save

6. After finishing the above settings, all the social networking websites will be blocked by Web Content Filter and DNS Filter with Vigor Router, even if the website uses HTTPS.


How to make a social networking website to bypass the rule?

If there's a website you would like to pass but it belongs to a forbidden category, you may enable the White List in Web Content Filter profile, and let the specific URL be passed. Below we take adding "www.linkedin.com" into the white list for example.


1. Go to Objects Setting >> Keyword Object, create an object of which the content contains the keyword in the website's URL you'd like to pass, which is "linkedin.com" in this example.


2. Edit the Web Content Filter profile as follows,

  1. Enable White/Black List
  2. Set Action to "Pass"
  3. Click Edit and select the Keyword Object created for www.linkedin.com
  4. Click OK to save the profile.

3. Now, the LAN clients will be able to visit www.linkedin.com even if it's categorized as a Social Networking website.



If the Web Content Filter does not work as expected, please take the following steps:

  • Clear browser's cookie and history.
  • Clear the DNS cache on the computer. For Windows users, this can be done by typing the command "ipconfig/flushdns" in command prompt.
  • Make sure the computer's default gateway is Vigor Router. For Windows users, this information can be checked by typing the command "ipconfig" in command prompt.
  • Check the DNS server of the computer: If the server is an internal DNS server, please make sure the internal DNS server's gateway is set to Vigor Router. If the server is your Vigor Router, please enable DNS Filter Local setting in CSM >> DNS Filter instead of a Firewall Rule, and please note that DNS Filter Local Setting will apply to all LAN clients who use the router as DNS server. (Learn more about What is the difference between DNS Filter Profile and DNS Filter Local Setting?)

See also

Was this article helpful?
87How to block all the social networking websites with Web Content Filter (WCF)? has been viewed------ 87 ------times.