Hello

i have a company and i want to block all pornographic addresses and social addresses.
i know how to block one address but not some of them.
i have blocked in firewall but i dont know hot to block not one but a lot of websites.

E.g. i have a list and there are 120 websites on it... how to block all of them.
i have a mikrotik Rb951-2n and Rb750, all v.6.6.

Please help me.

For sites like "facebook" that use HTTPS, the only way is to block their IPs (or at least ports 80 and 443 for those IPs), but keep in mind this means you're also blocking any site hosted on those same servers, so for example, if you wanted to allow SketchUp's site, and Google happens to share some of its IPs with SketchUp (since they own it after all...), you'd end up blocking SketchUp, even though you didn't want to.

Also, a lot of sites will sometimes change their IPs (e.g. add new servers), so you'll need to regularly check up their DNS info too. I have this small utility written in PHP which does that, and puts the IPs for a domain name in an address list using the API protocol. You can use it to place all of those sites on the same address list (or place them in several, if you want to filter some of those websites under special conditions). Once you have that, you can just create two firewall rules that both match the address list - one to block port 80, and another one for port 443 (or a blanket one to block all ports, if you're North Korea).

Hello

i have a company and i want to block all pornographic addresses and social addresses.
i know how to block one address but not some of them.
i have blocked in firewall but i dont know hot to block not one but a lot of websites.

E.g. i have a list and there are 120 websites on it... how to block all of them.
i have a mikrotik Rb951-2n and Rb750, all v.6.6.

Please help me.

Can you enable "webproxy" and redirect all your traffic to port selected. To configure the acces selection "acces" and then configure "words".
For example the attached image show how you can block the acces no any website with the "word" "porn" in your address.

For facebook is the same.


I use this configuration on school's and institutes and works fine.

Thankyou "boen_robot".
you helped me to understand that.
but my goal is to block all pornographic websites for specific user....

for example. i have 18 clients and i want to block only 3 of them the pornographic websites.
i have blocked 1 websites in firewall but not all websites that i want to block.

i have upgraded the routers in v.6.6.
i am new user for mikrotik routers, and a have learn to config in mikrotik forum and in youtube.

if you have more specific code to tell me please help.

Thankyou "waver"

i have upgraded in v.6.6 all routers and i dont see this pic that you have send to me..

please do you have any code or another photos.

Sorry for delay.

This option is in "Acces" menu, "webproxy" inside.

Thankyou WAVER, i try and it works.

Use openDNS. Is more better for web filter.

Send from my mobile phone using Tapatalk.