* Web Filter, All Models and Firmware supporting SafeSearch.
* Firmware 5.x and higher
Google SafeSearch on the Barracuda Web Filter works as expected using http based searches. However https-based searches present an issue. The Barracuda Web Filter is not able to alter any part of a https URL. This technical fact does not allow the web filter to enable safe search over https.
Examples for the safe search URL (at the time of this document):
Certain models of the Barracuda Web Filter (610 and up on firmware 6.0.1.012 via proxy and models 910 and 1010 either inline or proxy on firmware 7.x and up) can inspect encrypted URL using SSL Inspection. For more information on SSL Inspection, please see these documents:
This document below explains the issues associated with using Google Safe Search with https URLs. It is located here:
Google SafeSearch and SSL Search for Schools
Many users prefer to not have adult content included in their search results (especially if children use the same computer). Google's SafeSearch filters help schools prevent adult content from appearing in their search results. Google uses automated methods to identify objectionable content, and constantly works to improve those methods based on user feedback. For sexually explicit content, our filter mainly relies on algorithms that look at many factors, including keywords, links, and images. No filter is 100 percent accurate, but SafeSearch should help you avoid most of this type of material.
You can choose from among three SafeSearch settings on the Preferences pages:
* Strict filtering filters sexually explicit video and images from Google Search result pages, as well as results that might link to explicit content.
* Moderate filtering excludes sexually explicit video and images from Google Search result pages, but does not filter results that might link to explicit content. This is the default SafeSearch setting.
* No filtering turns off SafeSearch filtering completely.
Learn more about SafeSearch
Enforce SafeSearch strict
There are currently two ways to enforce strict SafeSearch: 1) using SafeSearch Lock or 2) updating the router configuration to change Google search requests. The former is a lot easier and works well at home or in smaller IT environments.
When you are using a proxy server to block access to objectionable content, you might also want to be able to filter thumbnails in image search results depending on the underlying source of that image.
Learn more about how to get a thumbnail image source
1) Lock SafeSearch
The SafeSearch setting you select on the Search settings page applies to anyone using the same Web browser and computer as you. If you have a Google Account, you can lock the strict SafeSearch setting so that other users of the computer don't change it. To lock SafeSearch, please visit the Search settings page and click Lock SafeSearch. If you're not signed in to your Google Account, you'll be prompted to sign in. Once you're signed in, click Lock SafeSearch. This step takes a moment, because strict filtering is being applied to all Google domains. You'll see a confirmation page once the lock is engaged.
Learn more about locking SafeSearch
2) Update the router configuration
To enable SafeSearch throughout a school network, you can use a proxy server to append &safe=active or &safe=on directly to all search URLs. This will enable strict SafeSearch.
Google Sends search queries along URL paths like google.com/search?...,google.com/images?..., google.com/s?... Schools that activate SafeSearch with a proxy should keep their filters updated to include /search, /s, and /images URLs.
See request examples
Report offensive images
No filter is perfect, and sometimes adult content shows up even with SafeSearch on. If you encounter any adult content with SafeSearch enabled, here's how you can report it:
- In the SafeSearch drop-down (beside the search box), click Report Offensive Images.
- Click the Report button on the image you'd like to report.
SSL Search Options
Google's search over SSL (Secure Sockets Layer) provides an end-to-end encrypted search solution between a computer and Google. When students search using SSL on https://www.google.com or https://encrypted.google.com, content filters and proxies on your network may not be able to see or modify the search URL. Therefore, the query rewriting techniques described above won't work with SSL searches. Please note that SafeSearch Lock works with SSL.
Throughout this article, we use Google.com as the example Google domain, but SSL search is now available on most Google top-level language domains (e.g. Google.es and Google.fr).
Recently, Google has dropped support for their NoSSLSearch. As a current workaround, administrators can point their DNS server to the IP that Google previously associated with nosslsearch.google.com. Please use the following steps to use this workaround:
- On your Windows 2008 R2 DNS server, navigate to Administrative Tools and select DNS.
- Right click on the current server and select "New Zone...".
- Click Next at the New Zone Wizard.
- Leave Primary Zone selected, and click Next.
- Leave "To all DNS servers in this domain:" selected, and click Next.
- Leave "Forward lookup zone" selected, and click Next.
- Enter a zone name of "www.google.com" (without quotes).
- Leave "Allow only secure dynamic updates" selected, and click Next.
- Click Finish.
- In the DNS Manager, expand Forward Lookup Zones.
- Right click on www.google.com and select "New Host (A or AAAA)".
- Leave the Name field blank. Enter "220.127.116.11" into the IP address field and click Add Host.
- Click OK at the confirmation prompt and click Done.
- Open a web browser, and navigate to google.com. You should be redirected to http://www.google.com/ without SSL.
Link to this page: