http://www.boutell.com/newfaq/browser/restrictie.html
One trick, in order to use a wildcard you have to type it like http://*.google.com (you need the http:// )
2006-10-19: Internet Explorer can be configured to restrict access so that only a short list of approved sites can be accessed by anyone without a special password. Here’s how to do it.
First, though, think about your audience. This can be a useful technique for a special-purpose computer in an office. For your kids, it is less effective because kids can find ways around such limitations. They might install an alternative web browser, disable Content Advisor through the Windows Registry, or boot the computer from a CD instead. And useful research for school often involves accessing many sites you haven’t seen before. For young children, this approach may be useful, but for teenagers there’s no substitute for supervision and education. Put their computer next to yours!
Ready to go? Great! Here’s how to lock down Internet Explorer so that only certain sites of your choosing can be accessed. In a nutshell, we’ll do it by telling Internet Explorer to:
1. Use a website “rating service” that doesn’t actually rate any sites,
2. Forbid users from accessing sites that are not rated, and
3. Add the sites we do want to our private list of “Approved Sites” that can be accessed even though they are not rated.
How To Lock Down Internet Explorer
1. Start Windows Notepad. Follow these steps:
Start Menu -> All Programs -> Accessories -> Notepad
Alternatively, right-click on the desktop (not an icon, on a blank area of the desktop), select “New,” and select “Text Document.”
2. Copy and paste the following into Notepad (everything within the parentheses). This is the rating service code for our special rating service that hates everything!
(
(PICS-version 1.0)
(name "Thumbs Down")
(description "A fake rating service that doesn't rate anything.")
(rating-system "http://notreally.madeup")
(rating-service "http://notreally.madeup")
(category
(transmit-as "Please Use The Approved Sites Tab Instead!")
)
)
3. Pull down the “File” menu of Notepad and pick “Save As…”
4. In the “File name:” field, type exactly this (copy and paste):
c:\windows\system32\thumbsdown.rat
Note: if you leave out the .rat extension it will not work.
5. Click “Save” to save the file.
6. Exit Notepad (File -> Exit).
7. Launch Internet Explorer if it is not already open.
8. Click on the “Tools” menu of Internet Explorer.
9. Select “Internet Options…”
10. Select the “Content” tab.
11. Find the “Content Advisor” box (near the top of the window) and click on “Enable…”
12. If you have ever used Content Advisor before, you will be prompted for your Content Advisor supervisor password. If not, you will be invited to choose one, and to supply a hint to help you remember it.
13. You will see a message informing you that “Content Advisor has been turned on.” Click OK.
14. Click on “Settings” in the “Content Advisor” box.
15. Click on the “General” tab.
16. Make sure “Users can see sites that have no rating” is not checked. Leave “Supervisor can type a password to allow users to view restricted content” checked. Trust me here: you will need to make exceptions and add new allowed sites, and you won’t want to come all the way into “Internet Options” just to do that. Things come up.
17. Click on “Rating Systems…” in the “Rating systems” box.
18. If you see any Rating Systems listed, select each in turn and click the “Remove” button. You are doing this so that we can set up our special “fake” rating service that doesn’t rate any sites. You can add other rating services back later if you change your mind about using this method.
18. Click the “Add” button. When the list of files appears, select thumbsdown. If you do not see it, you probably didn’t save thumbsdown.rat to the right place in step 4. Go back and correct that.
19. You will see thumbsdown in the list of rating systems.
20. Click “OK” to close the “Rating Systems” dialog.
21. Click on the “Approved Sites” tab in Content Advisor. Type in the name of a site you DO want to allow users to access, such as:
Then click “Always.” You don’t need the “Never” button as all other sites are already forbidden. You can use the “Remove” button if you add the wrong site by mistake.
22. Repeat step 21 for as many sites as you wish. You can add more sites later, here in the Content Advisor or via the dialog box that pops up when a user tries to access an unapproved site (only with your password, of course).
23. Click “OK” again to dismiss “Internet Options.”
Making Sure It Worked
That’s it! Internet Explorer is locked down.
But did it work? Time to make sure!
First, try to access an approved site. You will get through with no warnings, as long as the site is listed in your “Approved Sites” list and spelled correctly there. Note that “sub-sites” like “mail.example.com” are not automatically approved just because “example.com” is approved! You will need to list them separately.
Now try to access a site you did not allow. You will see Content Advisor’s “Sorry! Content Advisor will not allow you to see this site” page. As the supervisor, you can select “Always allow this Website to be viewed,” “Always allow this Web page (one page, not all pages on the site) to be viewed,” or “Allow viewing only this time” and enter your supervisor password. Other users won’t have the password, so they will not be able to access the site. All they can do is click Cancel and go back to a more appropriate site.
Filed under: Uncategorized | Leave a comment »
