Iphone (IOS 16.6.1) ignoring DNS server settings & content filtering

Hi


I used OpenDNS for content filtering at home. My Iphone (specifically Safari) when connected to WiFi seems to be ignoring the OpenDNS server settings and so content is not being blocked as expected (ie various social media sites).


Here's what i can verify:

  1. Im not using any kind of VPN or proxy on my iphone
  2. Im definitely connected to my home wifi
  3. The content filtering via OpenDNS works fine on other wirelessly connected devices such as windows PCs connected to the same WiFi network.
  4. Even if I manually change the DNS settings on my wifi connection on my Iphone it still seems to ignore them.


I am wondering if this is something to do with DNS over HTTPS (DoH) and whether there are any obvious solutions?


Thanks

D-M.

iPhone SE, iOS 16

Posted on Oct 2, 2023 12:28 AM

Reply
1 reply
Question marked as Helpful

Oct 3, 2023 10:53 PM in response to dark-menace

Same here on IOS 17.0.2. I have opendns family filtering active on network level (Unifi USG router) for my kids. But on there iPhones Safari (on home WiFi, no VPN whatsoever active) seems to randomly ignore the opendns filtering.


2 additional findings:


  1. It seems a Safari specific issue, because if I use Firefox on IOS, all unwanted websites are blocked.
  2. In Safari private mode unwanted websites are not blocked, in normal model it is 50-50. Even when trying the same website, hitting refresh again and the website might appear or might be blocked.


And the most frustrating about this is, both their phones are part of my iCloud family account (age 8 and age 11), with all content restrictions active.


A little damage in my faith in Apple’s eco system. Which I thought was set and forget…


Any suggestions would be highly appreciated.



6 replies

Oct 2, 2023 9:23 AM in response to dark-menace

Have you enabled Apple's Private Relay service? If so, while active, your iPad will completely bypass your manual DNS settings and DNS-related Content Filtering:

Settings > [Your Name / AppleID] > iCloud > [iCloud+] Private Relay > Private Relay - set to ON or OFF as preferred


With Private Relay active, your iPad will use ODoH (Oblivious DoH) to encrypt and forward your DNS traffic via Apple's regional Content Delivery Partner's servers (usually Cloudflare).


About iCloud Private Relay - Apple Support

Cloudflare Oblivious DNS

Question marked as Helpful

Oct 3, 2023 10:53 PM in response to dark-menace

Same here on IOS 17.0.2. I have opendns family filtering active on network level (Unifi USG router) for my kids. But on there iPhones Safari (on home WiFi, no VPN whatsoever active) seems to randomly ignore the opendns filtering.


2 additional findings:


  1. It seems a Safari specific issue, because if I use Firefox on IOS, all unwanted websites are blocked.
  2. In Safari private mode unwanted websites are not blocked, in normal model it is 50-50. Even when trying the same website, hitting refresh again and the website might appear or might be blocked.


And the most frustrating about this is, both their phones are part of my iCloud family account (age 8 and age 11), with all content restrictions active.


A little damage in my faith in Apple’s eco system. Which I thought was set and forget…


Any suggestions would be highly appreciated.



Oct 4, 2023 8:54 PM in response to dark-menace

Upon further investigation, it appears my Iphone is using an IPV6 address rather than the traditional IPV4 and according to this link - https://support.opendns.com/hc/en-us/articles/227986667-Does-OpenDNS-Support-

IPv6-


"Currently, it is not possible for users to register IPv6 addresses in the OpenDNS Dashboard. Custom content filtering cannot be set for IPv6 traffic." This would explain why my Iphone is not experiencing my intended content restrictions.


Haven't worked out if i can turn off IPV6 for WiFi connection on my Iphone, but suspect I cannot. May need an alternative provider for content filtering at this stage that supports IPV6.

Oct 4, 2023 11:15 PM in response to dark-menace

I’ve blocked IPv6 on router level in my house. So I think that is not the issue with me.


But, while looking at my iPhone WiFi settings I saw the option “privat wifi-adress” was turned on. I don’t exactly know what is does (looks like MAC address masking). But when I turned it off, it looks like unwanted websites are now being blocked… not at home right now but will test some more.

Iphone (IOS 16.6.1) ignoring DNS server settings & content filtering

Welcome to Apple Support Community
A forum where Apple customers help each other with their products. Get started with your Apple ID.