How to Restrict Website Access Using Web Content Filter | Intune

Apple Web Content Filter settings can be used to allow / restrict the website access on iOS / iPadOS ( iPhone & iPad ) devices. Microsoft Intune provide an option to configure web content filters on Intune managed iOS devices. These settings are available in device feature profile. These settings works for supervised device enrolled to Intune using Apple business manager or Apple school manager.

There are two types of filter available in web content filter.

Configure URLs: Use Apple built in Web filters to block explicit contents. Apple automatically identify and block unsuitable content. If you want to override apple built-in filters then you can add the URLs to Permitted URLs / Blocked URLs. The URLs added to permitted list are allowed irrespective of built-in filters. Similarly, the URLs added to blocked list override built-in filters and blocked.

Specific Website Only (For the Apple Safari browser only) : This filter type allow the websites access which are added in the allowed list. All other websites are blocked from the targeted iOS / iPadOS devices. If you don’t enter any URLs, then users can’t access any websites except for microsoft.commicrosoft.net, and apple.com. These URLs are automatically allowed by Intune.

In this blog post, we will configure Intune Web content filter settings to only allow office.com portal access from Intune managed iOS devices. The settings will be applicable for Safari browser only. If user have other browser ( Microsoft Edge , Google Chrome etc.) installed on the device then they can still access other websites.


Create a Device Feature Profile to Apply Web Content Filter


Follow the below steps to configure web content filter on IOS devices using Microsoft Intune Device features profile.

  • In Microsoft Intune admin center, navigates to Devices > iOS/iPadOS > Configuration profiles.
  • Click on Create and select New Policy.

Intune Configuration profiles

In the new flyer window, select the following

  • Profile type: Templates
  • Template name: Device features

Intune configuration profiles - Device features



In the Device features > Basics page, provide the Profile name , Description and click on Next.

Device features - Web content filters

  • In the Configuration settings page, expand Web Content Filter and select Specific websites only in Filter Type.

Web content filters | Microsoft intune ios

In the Specific website only section, enter the URLs of all websites which access you want to allow. You need to provide website URL and Title. The bookmark path setting no longer works due to recent changes made by Apple for Safari browser. All the URLs are automatically added to Safari browser bookmarks.

Click on Next to moved to Assignment page.

Web content filters | Microsoft intune ios

In the Assignments page, assign the policy to Entra ID group and click on Next.

Intune web content filter

In the Review + create page, review the settings and click on Create button to create the policy. You can monitor the notification in notification area to confirm successful policy creation.

Review + create


Verify the Applied Policy on iOS/iPadOS


You can see the web content filter URLs title in iOS/iPadOS settings app once policy is successfully applied on the device.

Follow the below steps on iPad / iPhone to confirm if web content filter policy was successfully applied on the device.

  • Open Settings apps
  • Navigates to General > VPN & Device Management > Management Profile
  • Select Restrictions
  • Select Web content filter

You can see the URLs title listed under Allowed Bookmarks. If you do not see Web content filters under General > VPN & Device Management > Management Profile > Restrictions then policy has not been applied yet.

Web content filters - iOS



End User Experience

We tried to access office.com portal from Apple Safari browser on the Microsoft Intune iOS device where web content filter policy was applied. The MS office portal worked fine. This was the expected result.

Web content filters - allowed sites office,com

Now we tried to open gmail.com from Safari browse on same device. The gmail was not accessible. Again this was the expected result as we have only allowed office.com websites on the devices. User received below message.

Restricted site : You cannot browse this page at “account.google,com” because it is restricted.

Web content filter - blocked sites on iOS


Related Posts


Subscribe to Techuisitive Newsletter

Be the first to know about our new blog posts. Get our newsletters directly in your inbox and stay up to date about Modern Desktop Management technologies & news.


Leave a Comment

Your email address will not be published. Required fields are marked *

Scroll to Top