Limiting users to your Website
The easiest way to limit users to your Website, in your order is to select "User interface without URL address bar, used for limiting users to your homepage" or the advanced API command chrome=webcnoaddressbar. This modifies the User Interface to remove the URL addressbar, so that users are effectively walled into your homepage and its links.
Beware your homepage's external link might link to Google and allow that user to browse effectively anywhere.
Fine grained filtering as a Webconverger product (recommended)
From Webconverger 24, we have a simpler
which is able to filter on DNS wildcards.
From March 2014, Webconverger provides a competitive service http://filter.webconverger.com/ where you can select categories of sites (this is kept uptodate) you want to block, as well as your own whitelist/blacklist and it creates/maintains the BLACKLIST_URL.
It offers the same functionality as OpenDNS, though at 3/4 of the cost. Please contact sales.
Coarse grained filtering with the hosts= API (not supported)
Using the hosts file is a naive way of filtering Web access of your Webconverger deployments. It's by no means fool-proof, and you need to be able to create the file yourself for the time being on a public URL since we don't offer a configuration Web user-interface for it atm.
Note the hosts file is only setup on boot, so if you change the
you need to reboot the machine for it to take affect of any modified rules.
WARNING: If the hosts file fails to retrieve, the machine can be left unprotected. We will make this feature more failsafe, i.e. if the hosts file fails to download, it will show a graphic to that affect and halt.
E.g. to block the IP 22.214.171.124
You can have multiple iptables= commands and they will be processed in order.
To attempt to blacklist for example reddit.com, you would typically add lines in this format:
255.255.255.255 reddit.com 255.255.255.255 www.reddit.com
Therefore the machine would be blacklisted to surf upon reddit.com, however's reddit's content might be available through other websites or subdomains so this method is not fool-proof.
To setup a whitelist where only
domains you specify can be accessed since the DNS service is disabled, your
hosts= value must contain the word whitelist.
For example: hosts=http://example.webconverger.com/whitelist
http://example.webconverger.com/whitelist contains the sites you explicitly want to resolve/allow.
How to prevent users leaving public kiosks in a "bad state"
You will want to consider the kiosk reset options in order to reset Webconverger to your site every say, 3 minutes. This can help avoid an unsupervised Webconverger kiosk being set on a non-mandated Website for too long in public spaces.
Further un-supported options
Using your router or wireless access point
As mentioned on http://webconverger.org/blog/entry/Better_Routing_wanted
3rd party firmware like OpenWRT provide options to limit Internet access.
http://www.mikrotik.com/ also supply very good flexible access point solutions.