This is a method that is best used to control network users to only have access to a limited number of websites. Alternatively, you may use it on home computers to restrict access to websites that you trust. Once the system is in place, you can work with Privoxy further to hone it to your needs. The system is not foolproof – no system for web access control is – however it has worked extremely well for me in the past.
I developed this system to deal with remote clients accessing non-work related websites via cellular-based Internet access. If your company has the means to implement a VPN, or to work with your service provider on a solution, that’s probably the best way to go. For small and medium sized business, this works just fine.
Part One: Implement Privoxy on Your Server
Privoxy is an open source proxy server that can help you control what your users connect to on the Internet. Since it is free for personal or corporate use, the documentation is somewhat limited, but that’s what this article is for. Go ahead and download Privoxy. I’m working on Windows XP, but this tutorial should be useful for other operating systems.
Step One: Install Privoxy
Once you have the Privoxy installer downloaded, find it and double-click on it to begin the installation.
First, you will see a screen with a warning. Read it carefully and click Next if it seems right to do so.
Next, you’ll encounter the Installation Options window, asking you what options you would like with your Privoxy. Want fries with that? By default, all three options are checked. There is no need to change them. Click Next, please.
Now, the Privoxy Setup will ask where you would like the program installed. I use the default location.
Once installed, you’ll see the final screen. Click OK, you know you want to.
That’s the installation part of setting up Privoxy. Now let’s move on to using Privoxy as a White List Proxy Server
Step Two: Configure Privoxy Server to Restrict Access To Websites You Trust
Yep, seems like a lot. Hang in there, sunshine. Once the installation is complete, Privoxy should open up a window that resembles Notepad more than a program. Click on Options > Edit Main Configuration.Now, Notepad will in fact open. It’ll be a configuration file in which you’ll need to change a few lines. The changes are simple to make, don’t panic. You can do it.
The first thing we need to change is the trustfile variable. Scroll down to 2.7. trustfile. Scroll down a little futher until you see the line #trustfile trust.txt. Just delete the pound sign (#) at the front of this line. Now save the document. We’ll come back to this in Step 3.
Now, look for the line that reads 4.1. listen-address. Scroll down a bit further from there and find listen-address 127.0.0.1:8118. That is your IP address and the port that Privoxy will listen for traffic on. If you are using this in your home, it’s probably best to leave it as it is. In the workplace, you want the IP address to be the static IP of your server. Once you have your IP address and port set, save the document.
Step 3: Set Up Your Trust List
To do this, you need to navigate to the trust.txt file. You’ll find that by opening your Start menu. Go to All Programs > Privoxy > Edit Config and click on Trust list. Yep, another Notepad file.
Look for the line that reads ~config.privoxy.org. This is where you start adding the sites you want whitelisted. If you put a tilde (~) in front of a domain name, Privoxy will allow access to only that domain. If you put a plus sign (+) in front of the domain, Privoxy will allow access to that domain as well as any domains to which that one refers.
Here’s a sample:
+guymcdowell.com will allow you to access guymcdowell.com and any sites linked to from it.
~makeuseof.com will allow you to access only makeuseof.com.
This can get tricky since some sites are dependent on subdomains to function. Hotmail is a good example of this. So, you may need to add few entries such as:
+*.hotmail.com – Allows you to access such things as mail.hotmail.com, blah.hotmail.com and more. How? Because the asterisk (*) is a wildcard character. Sneaky, huh?
So sit down and reflect upon what websites a person really needs to access to get their work done. Make a list and enter it in the trust.txt file accordingly. Remember to save the file as well.
That’s how you set up Privoxy as a whitelist proxy server. Stay tuned for Part Two where I show you how to force Internet Explorer to only use the Privoxy server as its gateway to the Internet, and make it very difficult to circumvent. We get into the registry! Super cool!
Are you totally confused or do you have any questions? Are you familiar with any better tool to restrict access to websites on your network or home PC? Go on and shoot them into the comments!
Image credit: delboy74