Web Filter Guidelines
Edinburgh Napier University filters all web access to protect students and staff from information that is offensive, abusive, discriminatory, illegal to possess, or contravening University regulations. Web filtering is also used to protect university devices from malicious software downloads.
Our web filter (which processes all web traffic originating from on-campus, as well as web traffic from University managed laptops and mobile devices regardless of location) is configured to block the following categories of website which are considered harmful:
- Child Abuse Content
- DNS over HTTPS and DNS over TLS
- Dynamic and Residential
- Filter Avoidance
- Hate Speech
- Illegal Activities
- Illegal Downloads
- Personal VPN
- Regional Restricted Law (Great Britain)
- Terrorism and Violent Extremism
In addition to the content categories listed above, the web filter also blocks the following since they pose a security threat to the University:
- Newly seen Domains
- Command and Control Callbacks
- Phishing Attacks
- Dynamic DNS
- DNS Tunnelling VPN
When the web filter makes a determination that a particular website is dangerous, we trust that assessment and allow it to stand. This is because we don’t have the capacity to manually investigate each of the hundreds of unique websites that are blocked by the web filter every week.
Frequently Asked Questions
Q: A website I am trying to access is blocked but it doesn’t seem like it should be considered dangerous, why is this?
If you see the message below it could be that the website is being blocked as it is considered a newly seen domain.
The majority of sites people regularly access on the Internet – Google, Amazon, Facebook, BBC News, etc. – have been around for a fairly long time and have established reputations.
In contrast, it’s far more likely that very new sites are dangerous (attackers set up new sites constantly for malicious purposes and it takes some amount of time for automated systems like our web filter to learn that a given new site is dangerous), but the longer a site stays online the more likely it is to be safe to visit (since malicious sites are taken down quickly when discovered, leaving a majority of benign sites online).
So, to ensure that we can protect our students and staff from new, dangerous web sites that haven’t yet been around long enough to establish a reputation, our web filter blocks all new web sites temporarily.
When somebody tries to visit a new website, if it’s never been accessed from the University before they might be allowed to access it the first few times, but the web filter will see that they’ve visited it and shortly thereafter it’ll start to classify the site as a new site.
If they or another person at the University tries to visit the same site later, they’ll instead see the web filter block page with our University branding on it and in the explanatory text we mention that it may be blocked due to it being a new site. The web filter then spends the next 24 hours (often it can take a lot less) figuring out if the site is dangerous or safe and if it’s the latter, people are allowed to access it once again.
So if you wait up to 3 days and the website is considered at that point to be safe it will be recategorised and you should then be able to access it.
Q: I think a category blocked by the Web Filter is incorrect, what do I do?
If a website you are attempting to access appears in one or more of the categories blocked by the web filter, you will see a message similar to the following:
If you believe that the website should not belong to the stated category, you should contact the IS Service Desk for assistance.
Q: Can I apply for exemption from the University's web filter?
It is acknowledged that there can be valid academic reasons to access information that would normally be blocked by the web filter.
In this situation staff or students must gain written approval from their Dean or Service Director for these specific activities.
Information that is illegal to possess is never allowed.
To discuss your requirement for an exemption, please contact the IS Service Desk in the first instance.
Note for Dean of School / Directors:
When the Dean of School / Director is granting such approval care must be taken to ensure that it is not authorising the handling of illegal information. They may also be removing a "safety margin" that normally protects users from stepping over the boundary from "undesirable" to "illegal" information. They should remind the applicant to be particularly vigilant when working in these areas.