Want to open up your Wi-Fi network to easier access for visitors, block the web's nasty stuff from young eyes, and maybe regain some bandwidth, too? Go ahead and unleash your inner coffee shop owner. With free software and no extra hardware, you can manage content and bandwidth on your home network, or even manage a semi-public "hotspot", without feeling like a despot.Photo by Wonderlane.
In the first two sections below, we'll run down some techniques and settings tweaks that will let anyone with a halfway modern router filter content, restrict or slow down access, and keep bad stuff off your network. That's helpful for net-connected children, but also for those looking to create a home coworking space, run a public hotspot from your business, or even open your network to certain users in the wider world. You can do that too, creating a semi-public hotspot that we'll cover in the third section.
Let's get started. The only extra item you might need is an ethernet cable, and that's a connection that's not absolutely necessary, though highly recommended.
Level 1: Use What Your Router Gives You
For most homes, the only settings that need changing on the Wi-Fi router are the access password and, maybe, the router's broadcast name. But if you want to have a say in who has access, at what times, you'll need to dig a bit deeper into your little antenna-topped box.
Connect your computer to your router (either by Wi-Fi or Ethernet cable — though when you're tweaking your router, going wired is often a smoother approach) and enter in its IP address into a browser to get to its configuration screen. This is usually something akin to 192.168.1.1, 192.168.11.1, or another number. You can use the first step of OpenDNS' router setup to help you determine your router's IP address. If you've changed the default administrative user/password (you should if you haven't!), enter it when you're prompted; if you didn't change your password, you can find the default set through routerpasswords.com or your router's manual.
Look for a section named "Access Restrictions", or possibly just "Access", and sometimes found under the "Administration" tab. You might find that this section allows you to exercise quite a bit of control over which computers can access which kinds of internet apps, and when. On a typical router, you can apply filters to certain computers by their unique MAC address (here's how to find those), giving them access at certain hours of certain days. You can also often block certain kinds of traffic on select systems, or across the whole network, including BitTorrent, popular online games and other apps.
That kind of nitty-gritty control is helpful, but you can't realistically scour the whole web to prevent bad stuff from getting in, either to your kids or freeloaders you're letting benevolently use your connection. To get that kind of basic screening, and get a bit more control, we'll turn to a service that gives us access from a higher level: OpenDNS.
Level 2: Control and Filter with OpenDNS
Your DNS server takes the domains you type in (amazon.com) and translates them into the numbers and destinations (22.214.171.124) all the computers between you and your next pair of shoes can understand. By default, your internet service provider uses a default DNS to handle your requests, but you can switch to OpenDNS for free, and institute policies and filters on what makes it into your house. In other words, it's installing a valve a little higher on your internet pipe. Head to OpenDNS and create an account, then perform this fairly simple setup. (One warning: using OpenDNS will mean you won't get the benefit of any unmetered content your ISP offers, so bear that in mind before proceeding.)
Back inside your router setup, usually on the main page or in the first page of "Wireless" settings, you'll see two or three rows of boxes offered for entering "Static DNS". They're usually set to 0.0.0.0, or a number provided by your ISP. Enter instead into those boxes the numbers for OpenDNS: 126.96.36.199 and 188.8.131.52. Hit "Apply Settings", or just "Save" if that's your only option, then wait for your router to update itself. After that, you'll want to flush your computer's DNS cache, and also wipe out your browser cache to make a fresh connection. But that's it — you should be able to log into your Dashboard if you've already created an account.
From your Dashboard, you can enable some strong and specific web content filters. If you've got kids, the reasons for doing so are obvious. If you're thinking about helping out a neighbour or passer-by with Wi-Fi, the reasoning might lean a bit more toward liability. You can use any of the preset filtering levels and customise them individually, or set up a new set of parameters to filter with a Custom setting. If OpenDNS isn't quite catching what you're trying to block, you can add up to 25 domains of your choice to a blacklist with the free plan. For much more limited access and protection for young eyes, you can upgrade to OpenDNS' Deluxe plan for $US9.95 per year, or 83 cents per month, to enable a whitelist-only plan on certain computers.
Whether you're paying that small fee or not, you can track and see how well your filtering is working out with OpenDNS' Stats and Logs section. It takes a day or two to build a usable data set, but once you do, you can see reports and graphics showing where your bandwidth is going. That helps you spot problematic usage before it gets out of control. You can view top domains requested, see request "types" to understand the traffic flow, and download reports if you'd like to visualise the data yourself. Free accounts get two weeks of logs kept up for free, while Deluxe accounts have year-long archives.
So now you can keep your home, your small office, or your impromptu coworking space from spiraling into the depths of procrastination and, uh, other things that start with "p". Let's think about letting in neighbours, or even public browsers nearby, by creating a coffee-shop-style hotspot, complete with its own login page with the usual disclaimer blah-blah.
Level 3: Open Up with Hotspot System
There's nothing you actually need to become a public Wi-Fi access point, other than a lack of a password scheme. But it's a pretty bad idea to let anyone use your network, from any device, using whatever bandwidth they can grab, with no warnings or disclaimers in sight. Hotspots System lets anyone create a basic web "greeting" page, show the requisite disclaimers, then control bandwidth usage and kick out abusers.
Running a hotspot is something best done on a secondary router, and it's easiest to do with open-source firmware installed, such as DD-WRT. That lines up perfectly with another project we've geeked out on: turning an old router into a Wi-Fi repeater, powered by DD-WRT. If you're interested in taking that secondary router and using it as a kind of public satellite, you can grab a "Hotspot Free" account, then set it up in your router's Services section, under the Hotspot tab. With a free account, you can bump anyone looking to browse the web onto a page linking a basic usage agreement, as well as keep track of what they're doing in a general sense. From your Hotspotsystem.com account page, you can cap upload and download usage, so that your free offering doesn't crush the service you actually pay for, and create a few more rules and regulations. If you wanted to charge for access, or hand out "tickets" for usage, you'd need to upgrade to a paid Hotspot System account.
You've now got a pretty good set of tools in your hands to prevent bad behaviour and resource hogging on your network, and maybe even give out some of your unused bandwidth, too, with some basic protections. If you've worked out other means of monitoring and filtering your router, or offering up access in semi-public fashion, tell us about it in the comments.