When I first started taking my porn addiction seriously, one of my first steps was to implement a content block in my household, to prevent me from being able to watch porn, even if I wanted to. I wrote about the various technical steps in doing this in this post. The basic premise was to apply content blocking at the ISP level (e.g. your internet provider like BT or Sky), rather than at a device level, as this applies the block holistically to the entire house and all devices automatically.
The problem was that I found a workaround, and after a while I just reverted the block as it wasn’t working because of this workaround. Additionally, I felt that simply blocking porn without addressing the underlying desire was just a plaster – it wasn’t addressing the root issues.
However, during my second therapy session, my counsellor advised that although I am right – blocking alone isn’t enough and is just a plaster – it is a good way of helping to achieve a period of abstinence from porn, which is a key step in the recovery process. He advised revisiting the content block solution and so I have done, and this time I’ve plugged the workaround and am pleased to say I now am entirely unable to access porn at home.
The following is a bit technical, but may serve as a useful guide for any others wanting to block porn at home
There are two ways of blocking porn at home. One is by installing software on all of your devices that monitors what the user is doing and prevents any pornographic images or websites from being shown. The second is to apply a similar block higher up the chain, at the ISP level (Sky, BT, Virgin Media), that blocks all porn to all devices in the house. The problem with the first option is that most mobile devices, certainly Apple devices, don’t allow for such software to be installed in the first place.
So my preferred method was to implement the block higher up the internet food chain, so that my any device in my house, regardless of make or model or software, could not access porn. This method is known as a DNS-level block. DNS is a standard method of locating websites over the internet. When you type in a friendly website name like google.com, your ISP takes that name and performs what is known as a DNS lookup, which essentially converts that friendly name into a specific IP address on the web where that website content can be loaded from. When you enable a DNS block, your ISP essentially adds some rules to that lookup service that ensures that if a porn site is requested, instead of looking that site up and showing it to the user, it simply does nothing (well actually it redirects to an information page saying the page has been blocked).
It looks a bit like this:
The tricky bit is that there are many different DNS lookup services out there that all do mostly the same thing, and it is very easy to re-configure your laptop or phone to use them instead of the one that your ISP uses. Google operate a public, free DNS service for example. So for example, if I change the DNS lookup server setting on my laptop to use Google’s service instead of my ISP’s, when I type in a porn website’s name that my ISP is blocking, instead of asking my ISP for the website and receiving a blocked warning, my laptop simply asks a different company for the website address, bypassing my ISP’s name lookup service and gets the full site in return.
So how to fix this? Well I discovered that it is possible to block non-ISP DNS lookups. You do this by reconfiguring your router, and this means that your router can detect if you are trying to use a DNS service other than your ISP’s, and block the traffic completely until you remove the bypass. To do this, you first need to identify your ISP’s DNS service IP addresses (Sky’s are 188.8.131.52 and 184.108.40.206). You then need to add port forwarding rules to your router to block access to port 53 to all public IP addresses other than these IPs. So for me, I created three block rules in my router:
1. 0.0.0.0 to 220.127.116.11
3. 18.104.22.168 to 255.255.255.255
This means that the only two IP addresses that my router will allow port 53 to be accessed, which is the port used by all DNS lookup services, are the two provided by my ISP.
The final step was to allow my wife to change the admin password on my router so I can’t log in and remove these rules! This is now done, and I am now unable to bypass my ISP’s content block!
Feel free to get in touch if you’d like more info on this or some help on how to set this up in your house. The only drawbacks is that it doesn’t block porn on your laptop if you connect to a different wifi network, so if you think that is a risk for you, you may want to consider also installing blocking software on the laptop itself. It won’t help for your phone or tablet though but for me blocking at home is removing 90% of the chance of me watching porn.