Web Content Filtering

Blocking Access / Providing Warnings about Malicious Websites

In order to protect LSE users and data from websites that may host malicious, destructive and illegal content, or are otherwise in breach of the various requirements LSE as an institution and its community as individual users have to sign up to, IMT has been given mandated by LSE’s Information Technology Committee to block some tightly-defined categories of websites from campus machines. 


Blocking malicious websites or giving warnings about them addresses the following requirements:

  1. The LSE’s ‘Conditions of Use of IT Facilities’ [PDF] which every LSE user signs. This includes clauses concerning the prohibition on:
    a.   Using “the IT Facilities to access, store or distribute material that is obscene, indecent or pornographic.”
    Online discrimination and harassment.
    Computer misuse including hacking.
  2. The Acceptable Use Policy stipulated by our internet provider JANET (the Joint Academic Network) for any use of its network, including clauses concerning the prohibition on:
    a.   “Creation or transmission […] of any offensive, obscene or indecent images”
    “Corrupting or destroying other users’ data; violating the privacy of other users; disrupting the work of other users; denying service to other users.”
  3. Our legal obligations (for instance, the Data Protection Act 1998, Copyright Act 1988, Computer Misuse Act 1990, Protection of Children Act 1978, Sexual Offences Act 2003, Criminal Justice and Immigration Act 2008).
  4. Issues of due care towards our staff and students (by making sure, for example, that they are not inadvertently exposed to pornography or offensive material).

Please see below for further information about web content filtering and how to request the unblocking of a website, if you feel it has been incorrectly categorised:

The Threat to LSE 

Access to websites that breach any of the above conditions leaves LSE and its community at risk from potential legal, commercial and reputational damage.


Furthermore, the sort of websites that host content such as pornography are frequently infected with malware that can be silently transmitted to the machine of the viewer, often resulting in the harvesting of user account details and other sensitive and / or confidential data.


We have a duty to protect our users, intellectual property, computers and network from damage, compromise and exposure to dangerous and illegal content. We also need to protect our reputation as a place of learning. At the same time, we must ensure the principle of academic freedom is maintained and access to necessary resources on the internet is not restricted.

Website Category Overview

There are a number of commonly-used website categories LSE will block by default. This helps reduce non-compliance with our requirements and acts to reduce the number of virus infections we suffer on campus.


Since Tuesday 9th September 2014, LSE's firewall blocks access on non-IMT managed devices on the LSE network to 'Adult Sexually Explicit' sites and BitTorrent traffic used to download copyright infringing content.


The approach to each listed category of web site is outlined below:


Website Category


Adult sexually explicit [including child pornography]

Block Access

Anonymizer proxies [untraceable internet traffic]

Send warning but Allow Access

Criminal activity

Send warning but Allow Access


Block Access

Intolerance and hate

Send warning but Allow Access

Phishing and fraud

Block Access

Spam urls

Block Access


Block Access

Tasteless and offensive

Send warning but Allow Access


Send warning but Allow Access


Send warning but Allow Access


Warning Categories

Where a user accesses a website in a category marked as ‘Send warning but Allow Access’, a message will be displayed informing the user that the website contains questionable content.


The user will be given the option to proceed at their own discretion, or return to the previous page they were viewing.


Blocked Categories

Where a user accesses a website in a category marked as ‘Block Access’, a message will be displayed informing the user that the website has been blocked and giving them the option to return to the previous page they were viewing.


Current Limits

The block/warn ability contained within the Sophos Anti-Virus software provides protection to any onsite machine running the IMT-managed Sophos client.


This includes most campus Windows and Mac workstations, but does not cover any user-owned devices, student devices, mobile devices using our wireless network, or non-IMT workstations with other or no anti-virus software installed.

Firewall Blocking

Access to sites classified as 'Adult Sexually Explicit', and to BitTorrent traffic, are blocked at LSE's firewall.


This covers user-owned devices, student devices, mobile devices using our wireless network, or non-IMT workstations as well as IMT-managed workstations.

Maintaining Freedom of Access to the Internet

We will not block legitimate web access requirements that any member of the LSE community may have.


If anyone requests access to a category of website that has been blocked by Sophos, IMT will provide it upon written request to the Information Security Manager. The request must outline the category of the required website, who needs access and for what duration.


The Information Security Manager will maintain a list of who has access to what resources and for how long. This list may be audited at any time and may be subject to disclosure resulting from a ‘Freedom Of Information’ request.


If any student requires such access, they must ask an appropriate member of staff to request such access be enabled on their behalf.

Incorrectly Categorised Websites

If anyone encounters a website that has been incorrectly blocked by Sophos (for instance, a research website that has been classified as ‘Spam’, or a resource for the LGBT community that has been blocked as ‘Adult / Sexually Explicit’) please contact the IT Service Desk, and the restrictions on accessing the website will be lifted for all users as soon as possible, without needing any of the caveats required for accessing a site that has been legitimately blocked.


If you wish to anonymously report an incorrectly categorised website, you can do so here.


  1. Q: I downloaded the copy of Sophos that LSE provides for free onto my own laptop. Will my Sophos client block access to any category of websites?
     No. This will only apply to centrally-managed (i.e. IMT installed) versions of Sophos.
  2. Q: I’m using an LSE-purchased and installed laptop with Sophos on it. I’m taking it off-site. Will the Sophos client still block access to any category of websites?
     Yes. It just won’t be able to update the list of websites until you’re next back on campus.
  3. Q: My Sophos client has informed me that a website has been blocked, even though it is nothing to do with the categories listed. What do I do?
     Contact the Information Security Manager with the address of the site you need access to, and the length of time you need access to it.
  4. Q: I’m doing research using my office machine into phishing, fraud, spam and spyware sites. I need to see as many of these sites as possible – which means not just allowing one address but potentially hundreds. This document says all sites like that will be blocked. What do I do?
     Contact the Information Security Manager, who will ensure you have access to what you need. We may need to provide additional protection for your machine as it will inevitably, as a result of your research, end up riddled with malware.
  5. Q: How do I know if my laptop is running the centrally managed version of the Sophos client?
     The centrally-managed version is installed by default on all campus workstations (in offices and public areas) and laptops. It isn’t installed on any other machines. If you’re in doubt, please contact the IT Service Desk and we’ll check for you.
  6. Q: The paper mentioned a project to put in place something more comprehensive that would cover all devices, irrespective of whether they had the Sophos client installed. When will that be ready and how will it improve things?
     We’re planning to have new firewalls in place that can provide this level of filtering in the next calendar year. They would provide coverage to all connected devices within our network perimeter, irrespective of make, model, operating system or owner.
  7. Q: I’m not using a centrally-managed version of Sophos, but I would like to protect myself and / or my family from these sort of websites. What can I do?
    There are a range of options available. See http://www.techrepublic.com/blog/five-apps/five-content-filters-suitable-for-both-home-and-business/1542

Requesting Access

If you require access to a blocked website please contact the IT Service Desk.

Email: it.servicedesk@lse.ac.uk
Phone: 020 7107 5000 (extension 5000)