The Apple Web Content Filter settings can be used to allow / restrict the website access on iOS / iPadOS ( iPhone & iPad ) devices. Microsoft Intune provide an option to configure web content filters on Intune managed iOS devices. These settings are available in device feature profile. These settings works for supervised device enrolled to Intune using Apple business manager or Apple school manager.
There are two types of filter available in web content filter.
Configure URLs: Use Apple built in Web filters to block explicit contents. Apple automatically identify and block unsuitable content. If you want to override apple built-in filters then you can add the URLs to Permitted URLs / Blocked URLs. The URLs added to permitted list are allowed irrespective of built-in filters. Similarly, the URLs added to blocked list override built-in filters and blocked.
Specific Website Only (For the Apple Safari browser only) : This filter type allow the websites access which are added in the allowed list. All other websites are blocked from the targeted iOS / iPadOS devices. If you don’t enter any URLs, then users can’t access any websites except for microsoft.com, microsoft.net, and apple.com. These URLs are automatically allowed by Intune.
In this blog post, we will configure Intune Web content filter settings to only allow office.com portal access from Intune managed iOS devices. The settings will be applicable for Safari browser only. If user have other browser ( Microsoft Edge , Google Chrome etc.) installed on the device then they can still access other websites.
Create a Device Feature Profile to Apply Web Content Filter
Follow the below steps to configure web content filter on IOS devices using Microsoft Intune Device features profile.
- In Microsoft Intune admin center, navigates to Devices > iOS/iPadOS > Configuration profiles.
- Click on Create and select New Policy.
In the new flyer window, select the following
- Profile type: Templates
- Template name: Device features
In the Device features > Basics page, provide the Profile name , Description and click on Next.
- In the Configuration settings page, expand Web Content Filter and select Specific websites only in Filter Type.
In the Specific website only section, enter the URLs of all websites which access you want to allow. You need to provide website URL and Title. The bookmark path setting no longer works due to recent changes made by Apple for Safari browser. All the URLs are automatically added to Safari browser bookmarks.
Click on Next to moved to Assignment page.
In the Assignments page, assign the policy to Entra ID group and click on Next.
In the Review + create page, review the settings and click on Create button to create the policy. You can monitor the notification in notification area to confirm successful policy creation.
Verify the Applied Policy on iOS/iPadOS
You can see the web content filter URLs title in iOS/iPadOS settings app once policy is successfully applied on the device.
Follow the below steps on iPad / iPhone to confirm if web content filter policy was successfully applied on the device.
- Open Settings apps
- Navigates to General > VPN & Device Management > Management Profile
- Select Restrictions
- Select Web content filter
You can see the URLs title listed under Allowed Bookmarks. If you do not see Web content filters under General > VPN & Device Management > Management Profile > Restrictions then policy has not been applied yet.
End User Experience
We tried to access office.com portal from Apple Safari browser on the Microsoft Intune iOS device where web content filter policy was applied. The MS office portal worked fine. This was the expected result.
Now we tried to open gmail.com from Safari browse on same device. The gmail was not accessible. Again this was the expected result as we have only allowed office.com websites on the devices. User received below message.
Restricted site : You cannot browse this page at “account.google,com” because it is restricted.
Related Posts
- Deny M365 Apps access from Untrusted Locations
- How to Restrict Website Access Using Web Content Filter | Intune
- Fix Something went wrong – 2002 error on iOS | Intune
- Configure Home Screen Layout on iOS using Intune
- How to Show or Hide Native Apps on iOS via Intune
Subscribe to Techuisitive Newsletter
Be the first to know about our new blog posts. Get our newsletters directly in your inbox and stay up to date about Modern Desktop Management technologies & news.
