NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
Forum Discussion
RAX20 - keyword based website blocking is not working
I am trying to block websites using keywords. I entered the website keywords in "Advanced>Security>Block Sites" section of the router configuration. But it is not working! I came across many simi...
> [...] But this is wrong! [...]
Says who?
> [...] The packet header (which contains the destination URL) [...]
"packet header"? _IP_ packet header? URL? Where's the "URL" field
in an _IP_ packet header?
https://en.wikipedia.org/wiki/IPv4#Packet_structure
"IP Address" and "URL" are spelled differently for a reason.> [...] is not encrypted, but only its content. Because if it were
> encrypted, there would be no way for the upstream routers to identify
> (i.e. read) the packets' destination, and route it accordingly.Eh? All that's needed for routing is the destination IP address.
The web browser can do a DNS look-up to determine that. I see no need
for an unencrypted URL to leave the web browser.> [...] the router should block the sites.
As explained elsewhere ("many similar posts on the Netgear community
forum" -- thanks for the helpful links), when HTTPS is used, the URL is
encrypted when it passes through the router. So, in fact, if the
encryption is adequate, exactly the opposite is true.
I claim.
Addition: I raised a Netgear support ticket over 2 weeks ago and I haven't recieved any reply from them, so, I decided to post it here on the community forum.
> [...] But this is wrong! [...]
Says who?
> [...] The packet header (which contains the destination URL) [...]
"packet header"? _IP_ packet header? URL? Where's the "URL" field
in an _IP_ packet header?
https://en.wikipedia.org/wiki/IPv4#Packet_structure
"IP Address" and "URL" are spelled differently for a reason.
> [...] is not encrypted, but only its content. Because if it were
> encrypted, there would be no way for the upstream routers to identify
> (i.e. read) the packets' destination, and route it accordingly.
Eh? All that's needed for routing is the destination IP address.
The web browser can do a DNS look-up to determine that. I see no need
for an unencrypted URL to leave the web browser.
> [...] the router should block the sites.
As explained elsewhere ("many similar posts on the Netgear community
forum" -- thanks for the helpful links), when HTTPS is used, the URL is
encrypted when it passes through the router. So, in fact, if the
encryption is adequate, exactly the opposite is true.
I claim.
Okay. I think I mixed up an HTTP header (with the "Host" header) with a packet-header. So, the "URL filtering" in my previous router must be preventing the DNS lookup for the blocked domains.
Thank you.