Guide to content modifications on Smoothwall

Article #: Product Castle
KB-43 Guardian Any

Summary

This article provides a list of all the content modifications currently available along with some information as to what they do, which categories they should be applied against, and how they work.

Problem

Smoothwall provides several content modifications. This article aims to provide some more information about them and ensure that they are applied only to the pertinent categories to avoid unwanted and unexpected side effects.

Solution

There are several sections listed below which split the content modifications provided by Smoothwall into categories based on their behaviour. These categories are

  • Search based content modifications
  • Comment removal content modifications
  • General content modifications
  • Browser vulnerabilities content modifications
  • Antiquated content modifications

Each of these sections includes a summary of each content modification currently available along with what they do and which categories they should be targeted at.

  • Items marked as Important must be configured using specific targets for the rule to be effective and to avoid unexpected side effects
  • Items marked as Suggested should use specific targets to achieve maximum effectiveness and performance from your Guardian product.

Search based content modifications

These content modifications affect search queries made through Guardian, modifying the request to ensure that SafeSearch is always enabled, or modifying the response to ensure that inappropriate material is filtered out.

Rule Description ‘What’ Target
Enforce Google SafeSearch [NEW] Enforce Strict SafeSearch on Google without the need for Decrypt and Inspect Web Search Important
Force SafeSearch Enforce SafeSearch on all major search engines Everything Important
Google Image Search: Basic Mode Forces Google image searches to display in basic mode Web Search Important
Disable Google Instant Disable Google instant predictions Web Search Important

Comment removal content modifications

These content modifications remove comments and comment systems which help to prevent inappropriate content being displayed on screen.

Rule Description ‘What’ Target
YouTube Comment Removal Removes comments from all YouTube videos. YouTube Important
Blogger Comment Removal Remove comments added to blogs using the Blogger CMS system Everything Suggested
Facebook Comment Plugin Removal Remove the Facebook comments social plugin from appearing on non-Facebook websites. Everything Suggested
WordPress Comment Removal Remove comments added to blogs using the WordPress CMS system Everything Suggested
Disqus Comment Removal Remove comments added to blogs using the Disqus CMS system Everything Suggested

General content modifications

These are general content modifications that affect everyday browsing or are targeted at a very specific service.

Rule Description ‘What’ Target
BBC iPlayer - Enforce Parental Guidance Lock Enforce Parental Guidance lock on BBC iPlayer BBC iPlayer Important
Remove QUIC Header Remove the QUIC header from requests and prevent access to websites over UDP 80/443 Everything Suggested
YouTube - Disable Auto Play Prevent YouTube from automatically playing the next video in the playlist. YouTube Important
YouTube SafetyMode Cookie Enforce YouTube restricted mode on your network which helps filter out potentially mature content. This works by inserting a cookie that enforces Restricted Mode. HTTPS Decrypt and Inspect is necessary for this to work. This content modification should be used if you do not use GSuite for Education. YouTube Important
YouTube Restricted Mode Enforce YouTube restricted mode on your network which helps filter out potentially mature content. This works by rewriting the HTTPS connect header to restrict.youtube.com. HTTPS Decrypt and Inspect is not necessary for this to work. This content modification is most appropriate if you use GSuite for Education. YouTube Important
All Popups Prevent links from opening in a popup window Everything Suggested
onUnload Popups Prevent JavaScript from being executed when leaving a webpage Everything Suggested
unsolicited Popups Prevent JavaScript from opening popup windows Everything Suggested
Blink Tags Remove <blink> and <marquee> tags Everything Suggested
Web Bugs Remove 1x1 GIFs used for user tracking Everything Suggested
Window Moving Prevent windows from resizing and moving themselves Everything Suggested

Browser Vulnerabilities content modifications

These content modifications aim to prevent known browser vulnerabilities from being exploited.

Rule Description ‘What’ Target
IE VML Rect tag Exploit Removes vector graphics that could contain malicious code Everything Suggested
WPAD Hijacking Prevent Internet Explorer proxy autodetection retrieving proxy settings from external sites. Everything Suggested
Microsoft HCP links Remove “hcp://” links which may exploit Windows Help Center vulnerabilities Everything Suggested
Program Execution via Cross-site Scripting Warn about potential cross-site scripting vulnerabilities Everything Suggested
Escaped Shell Code Removes escape Unicode “shellcode” from JavaScript Everything Suggested

Antiquated content modifications

The following content modifications are considered antiquated and will be removed over time. Some of these content modifications prevent browser vulnerabilities from being exploited but have since been patched; and some are simply content modifications that are no longer required.

Rule Description ‘What’ Target
firefoxurl: Cross-browser Exploit Prevent ‘firefoxurl://’ URLs from being opened Everything Suggested
Firefox Cookie Stealing Prevent vulnerability in Firefox (up to version 2.0.0.1) which allowed for cookies to be stolen Everything Suggested
Firefox DoS Removes various DoS attacks targeting Firefox upto and including version 1.0.7. Everything Suggested
Firefox JavaScript Information Leak Prevent vulnerability in Firefox which exposes private data Everything Suggested
Disable iGoogle Prevent users on the network from being able to use iGoogle Web Search Suggested
Nimda Attempt to detect and stop Nimda infected server’s web pages. Everything Suggested
Body onLoad Action Remove <body onload=> from HTML to prevent DoS on Internet Explorer 5.5 and 6 Everything Suggested
CSS Cross-site Scripting Remove the CSS import tag to prevent an antiquated Internet Explorer vulnerability Everything Suggested
CVE-2009-1136 Prevents exploitation of vulnerability in Microsoft Office Web Components Control Could Allow Remote Code Execution Everything Suggested
DirectAnim Exploits Removes exploits in IE6 related to the DirectAnimation ActiveX control Everything Suggested
DirectX Media SDK Exploit Removes DirectX Media SDK version 6.0 ActiveX exploit Everything Suggested
Disable createTextRange Disables the createTextRange() JavaScript function, which can be used to execute arbitrary code in Internet Explorer 6 and Internet Explorer 7 Beta 2 Everything Suggested
IE WebViewFolderIcon Exploit Removes exploit relating to the setSlice method of the WebViewFolderIcon ActiveX control in IE 6 Everything Suggested
IE Remote Code Execution Prevent Internet Explorer remote code execution. See Microsoft Security Advisory 961051 Everything Suggested
URI handling command execution Prevents a vulnerability in Firefox running on Windows which enables remote command execution through URI handlers such as mailto Everything Suggested

Attribution:

Last updated: Author: Contributions by:
19 June 2017 Chris Smith