Configuring access to websites on Android devices

You can use Web Control to configure Android device users' access to websites. Web Control supports website filtering by categories defined in the Kaspersky Security Network cloud service. Filtering allows you to restrict user access to certain websites or categories of websites (for example, "Gambling, lotteries, sweepstakes" or "Internet communication"). Web Control is enabled by default.

Web Control on Android devices is supported only in Google Chrome, HUAWEI Browser, Samsung Internet, and Yandex Browser.

On corporate devices, if Kaspersky Endpoint Security for Android is not enabled as an Accessibility feature, Web Control is supported only in Google Chrome and checks only the domain of a website. To allow other browsers (Samsung Internet, Yandex Browser, and HUAWEI Browser) to support Web Control, enable Kaspersky Endpoint Security as an Accessibility feature. This will also let you use the Custom Tabs feature.

If Kaspersky Endpoint Security for Android is not enabled as an Accessibility feature and a proxy is enabled in the Google Chrome settings card, Web Control will not work.

To configure the settings for device users' access to websites:

  1. In the main window of Kaspersky Security Center Web Console, select Assets (Devices)Policies & profiles. In the list of group policies that opens, click the name of the policy that you want to configure.
  2. In the policy properties window, select Application settings.
  3. Select Android and go to the Security controls section.
  4. On the Web Control card, click Settings.

    The Web Control window opens.

  5. Select one of the following options:
    • If you want the app to restrict user access to websites depending on their content, do the following:
      1. In the Operating mode drop-down list, in the drop-down list select Prohibit websites in selected categories.
      2. In the Categories section, create a list of prohibited categories by selecting the check boxes next to the categories of websites to which the app will block access.
    • If you want the app to allow or block user access only to specified websites, do the following:
      1. In the Operating mode drop-down list, select Allow only listed websites or Allow all websites except listed ones.
      2. Click Add.
      3. In the window that opens, create a list of websites to which the app will allow or block access, depending on the value selected in the drop-down list. You can add websites by link (full URL, including the protocol, for example, https://example.com).

        To make sure that the app allows or blocks access to the specified website in all supported versions of Google Chrome, HUAWEI Browser, Samsung Internet, and Yandex Browser include the same URL twice — once with the HTTP protocol (for example, http://example.com) and once with the HTTPS protocol (for example, https://example.com).

        For example:

        • https://example.com — The main page of the website is either allowed or blocked. This URL can only be accessed through the HTTP protocol.
        • http://example.com — The main page of the website is either allowed or blocked, but only when accessed through the HTTP protocol. Other protocols like HTTPS are not affected.
        • https://example.com/page/index.html — Only the index.html page of the website will be allowed or blocked. The rest of the website is not affected by this entry.

        The app also supports regular expressions. When entering the address of an allowed or forbidden website, use the following templates:

        • https://example\.com/.* — This template blocks or allows all child pages of the website, accessed via the HTTPS protocol (for example, https://example.com/about).
        • https?://example\.com/.* — This template blocks or allows all child pages of the website, accessed via both the HTTP and HTTPS protocols.
        • https?://.*\.example\.com — This template blocks or allows all subdomain pages of the website (for example, https://pictures.example.com).
        • https?://example\.com/[abc]/.* — This template blocks or allows all child pages of the website where the URL path begins with 'a', 'b', or 'c' as the first directory (for example, https://example.com/b/about).
        • https?://\w{3,5}.example\.com/.* — This template blocks or allows all child pages of the website where the subdomain consists of a word with 3 to 5 characters (for example, http://abde.example.com/about).

        Use the https? expression to select both the HTTP and HTTPS protocols. For more details on regular expressions, please refer to the Oracle Technical Support website.

      4. Click Add.
    • If you want the app to block user access to all websites, in the Operating mode section, in the drop-down list, select Prohibit all websites.
  6. If you want the app to check the full URL when opening a website in Custom Tabs, select the Check full URL when using Custom Tabs check box.

    Custom Tabs is an in-app browser that allows the user to view web pages without having to leave the app and switch to a full web browser version. This option provides better URL recognition and checks URLs against the configured Web Control rules. If the check box is selected, Kaspersky Endpoint Security for Android opens the website in a full version of the browser and checks the whole web address of the website. If the check box is cleared, Kaspersky Endpoint Security for Android checks only the domain of the website in Custom Tabs.

    The Custom Tabs feature is supported in Google Chrome, HUAWEI Browser, and Samsung Internet.

  7. If you want to lift content-based restrictions on user access to websites, disable the settings using the Web Control toggle switch and click Disable.
  8. Click OK.
  9. Click Save to save the changes you have made.

Mobile device settings are changed after the next device synchronization with Kaspersky Security Center.

Managing the website list

You can manage the list of websites with the following buttons:

Page top