Is there a simple (client-side) way to allow web access to one domain only on a machine?
August 3, 2012 11:56 AM Subscribe
Is there a simple (client-side) way to allow web access to one domain only on a machine?
I'm trying to set up a little touchscreen terminal at a business in order to make their site easily available to in-store customers. I figured I'd just set the browser full screen and disable "right" clicking. However, I'm not sure of a way to disallow the site's outbound links.
I don't have the experience/vernacular to do anything beyond the very basics on the server-side of things. So, I'm hoping there might be a software solution for this one computer.
(Also, I don't think a local offline copy of the site would work that well here either -- as it's a relatively frequently updated Wordpress site.)
Besides disabling the extra-domained links, are there any other settings I should consider for this site-specific terminal project? Thanks for your help.
I'm trying to set up a little touchscreen terminal at a business in order to make their site easily available to in-store customers. I figured I'd just set the browser full screen and disable "right" clicking. However, I'm not sure of a way to disallow the site's outbound links.
I don't have the experience/vernacular to do anything beyond the very basics on the server-side of things. So, I'm hoping there might be a software solution for this one computer.
(Also, I don't think a local offline copy of the site would work that well here either -- as it's a relatively frequently updated Wordpress site.)
Besides disabling the extra-domained links, are there any other settings I should consider for this site-specific terminal project? Thanks for your help.
You can:
Enable whatever firewall your OS supports and block outbound http/https to everywhere but the site you want.
But beware that some other OS things like system updates, that little widget that shows you the weather, etc. may also be using http/https behind the scenes and you'll end up breaking them as well.
Or:
Configure a local to the host proxy server and configure it to deny anything but the site you want. Configure the browser to use the proxy. Lock down browser to prohibit configuration changes.
posted by zengargoyle at 12:10 PM on August 3, 2012
Enable whatever firewall your OS supports and block outbound http/https to everywhere but the site you want.
But beware that some other OS things like system updates, that little widget that shows you the weather, etc. may also be using http/https behind the scenes and you'll end up breaking them as well.
Or:
Configure a local to the host proxy server and configure it to deny anything but the site you want. Configure the browser to use the proxy. Lock down browser to prohibit configuration changes.
posted by zengargoyle at 12:10 PM on August 3, 2012
One cheap way would be to remove any DNS entries in the networking config and put a HOSTS file that maps the one good site to an IP number.
Though, I'd just get SiteKiosk Basic and set it up. We used it at the museum I worked at and it was easy and reliable.
posted by advicepig at 12:14 PM on August 3, 2012 [1 favorite]
Though, I'd just get SiteKiosk Basic and set it up. We used it at the museum I worked at and it was easy and reliable.
posted by advicepig at 12:14 PM on August 3, 2012 [1 favorite]
This thread is closed to new comments.
Is this an e-commerce website that accepts payment? If so, stop and do not pass go. PCI violations that you are clearly not qualified to address if you're asking this question. Call an infosec professional to design a deployment architecture.
If you want to get really fancy, you can access the website through mod_proxy for Apache, and rewrite extra-domain links to be null.
posted by bfranklin at 12:06 PM on August 3, 2012