webfilteringdatabase.com
Home Find Your Solution
Features
Domain Categorization API Real-Time Classification 59 Filtering Categories Offline Database (100M) ML Classification Content Classification
Industries
K-12 Schools Corporate Healthcare Government ISPs
Tools
Domain Lookup Bulk Categorization Category Explorer
Resources
Pricing API Documentation Login / Sign Up
Compliance & Regulatory

CIPA Web Filtering

Meet Children's Internet Protection Act requirements with a classification database of 100 million domains. Maintain E-Rate eligibility, protect students from harmful content, and demonstrate compliance with auditable category-level evidence.

What Is CIPA and Why Does It Matter?

If your school or library receives E-Rate discounts or LSTA grants, the Children's Internet Protection Act is not optional — it is a binding condition of the funding.

2000
Enacted by Congress
E-Rate & LSTA
Recipients must comply
20–90%
Discounts at stake
Form 486
Certified annually with the FCC

E-Rate Eligibility

E-Rate provides 20-90% discounts on internet access and disburses billions every year. CIPA compliance is required to maintain eligibility, so your filtering layer directly protects your funding.

Technology Protection Measure

CIPA requires a filter that blocks visual depictions that are obscene, child pornography, or harmful to minors. Our database provides the classification layer your filter enforces.

Internet Safety Policy

Districts must adopt and enforce an internet safety policy, monitor minors online, and educate students on safe behavior. Our 59 categories map directly to policy requirements.

Annual Certification

Schools certify CIPA compliance annually on FCC Form 486 — certifying what you cannot demonstrate risks clawbacks. Our audit-ready category data simplifies certification.

CIPA Filtering Requirements — What Must Be Blocked

The statute names three content categories a technology protection measure must block — each maps directly to our classification taxonomy

Obscene Material

Visual depictions that meet the federal definition of obscenity must be blocked for all users, adults included. Continuously updated as new domains appear.

Adult Content Nudity

Child Pornography

Material constituting child pornography must be blocked on every terminal, without exception, for all users.

Adult Content Automated Detection

Harmful to Minors

For computers used by minors: material that appeals to prurient interest and lacks serious literary, artistic, political, or scientific value for minors. Districts configure this standard by combining categories to match their board-approved policy.

Violence Drugs Weapons Gambling Hate/Discrimination

Most districts go well beyond the CIPA minimum, routinely blocking:

Gambling Drugs Weapons Hate Speech Anonymizers Proxy Bypass

Browse all 59 policy building blocks on our web filtering categories page.

How Our Database Makes CIPA Compliance Simple

Two delivery modes, one pre-classified 59-category taxonomy — either satisfies the technology protection measure CIPA requires

Real-Time API

  • Classifies any domain in under 10 milliseconds
  • Ideal for DNS filters, proxies, and cloud filtering agents
  • Always current — no local copy to refresh

Offline CSV Database

  • Full corpus of 100 million classified domains
  • Built for on-premises deployments
  • Queries never leave your network

Pre-Classified, Not Reactive

100 million domains already categorized. No waiting for manual review when a student hits an unknown site.

Auditable Evidence

Every blocked domain has a category assignment. Demonstrate to E-Rate reviewers exactly what your filter covers and why.

Continuously Updated

~300,000 newly registered domains classified every week. New threats and new content are covered automatically.

CIPA deliberately leaves filtering decisions to local authorities — you decide which categories to block, per building, per grade band, or per user group.

CIPA Compliant DNS Filtering

DNS filtering covers every device on the network — managed or unmanaged — with no agents or certificates to install

1
Device Resolves a Domain

A student's device — laptop, tablet, phone — looks up any website on the school network or a cloud resolver.

2
Resolver Queries Our API

The DNS resolver sends the domain to our classification API before answering the lookup.

3
Category Returned <10ms

The domain's category comes back in under 10 milliseconds — no perceptible browsing delay.

4
Policy Allows or Blocks

The resolver answers with the real IP address or a block page, based on your internet safety policy.

Works Off-Campus

  • Take-home Chromebooks and BYOD point at a cloud DNS resolver
  • The same k12 DNS filtering policy applies at home as in the classroom
  • Classification happens in the cloud — nothing to install

Closes Bypass Routes

  • Anonymizers and open proxies classified into their own categories
  • Newly registered bypass domains covered continuously
  • Exactly the weakness E-Rate auditors increasingly probe for

E-Rate Compliance and Funding Protection

E-Rate — administered by USAC under FCC oversight — provides $4+ billion in 20–90% discounts every year on internet access, internal connections, and managed broadband

Form 470
Competitive Bidding

Opens the bidding process describing the services your school or library needs.

Form 471
Apply for Discounts

Applies for the discounts on the services you selected, set by poverty level and rurality.

Form 486
Certify CIPA Compliance

Certifies services have started — and that you are CIPA compliant. Certifying what you cannot demonstrate risks clawbacks and audit findings.

Evidence we provide for Form 486

  • Category-level blocking rules that map to your internet safety policy
  • Coverage statistics across 100 million classified domains
  • Update-frequency documentation — newly registered domains classified continuously

When a program integrity assurance review or audit arrives, the evidence is already in place.

Beyond CIPA — COPPA, FERPA, and State Requirements

CIPA is the filtering mandate, but it is not the only regulation shaping how schools manage student internet access

COPPA

Restricts how online services collect personal information from children under 13. Our database identifies sites known to collect children's data, so districts can steer students away from non-compliant services.

FERPA

Protects student education records. Our filtering API operates without logging student browsing data — your filtering layer stays FERPA-friendly by design.

State Laws

California's SOPIPA, New York Education Law 2-d, and Texas SB 820 add student-privacy and security requirements. A category-driven filtering model adapts to overlapping mandates without re-architecture.

For grade-band policy design on top of this compliance foundation, see our guide to age-tiered web filtering for K-12 grade levels.

CIPA Web Filtering for Libraries

Libraries on E-Rate or LSTA funds must let adults request reduced filtering for bona fide research — an on/off filter cannot satisfy both obligations at once. Category-based filtering can.

Children's-Area Terminals

Full CIPA-mandated filtering, always on

  • All mandated categories blocked, plus the library's own policy categories
  • No per-session exceptions
  • Effective policy auditable for E-Rate at any time

Adult Terminals

Reduced policy on request — legally required blocks stay in force

  • Staff lift individual categories per session for lawful research
  • Obscenity and child pornography categories remain blocked
  • Every adjustment stays within the written internet safety policy

The same model supports time-based after-hours policies, staff workstations, and public Wi-Fi filtering on library-funded infrastructure.

CIPA Web Filtering Use Cases

How schools, districts, and libraries deploy CIPA compliant filtering in the real world

1

School District Network

District-wide deployment across all school buildings, filtering all student and staff traffic against CIPA-mandated categories. Policy management stays central while individual buildings or grade bands receive tailored overrides — elementary schools run stricter policies than high schools without separate infrastructure. Every block decision traces back to a category assignment, giving the district a defensible, auditable compliance posture across the entire network.

2

1:1 Chromebook Programs

Cloud-based API filtering on take-home devices ensures CIPA compliance extends beyond the school network to student homes. When a district-issued Chromebook resolves a domain from a kitchen table, the same category lookup and the same policy apply as in the classroom. Parents see consistent protection, the district sees consistent compliance, and IT manages one policy instead of two.

3

Library Public Access

Different filtering tiers for the children's section and adult terminals meet CIPA's requirement to allow adults to request reduced filtering for lawful research. Staff adjust categories per terminal or per session while the legally mandated blocks stay in force everywhere. The library satisfies E-Rate and LSTA conditions without over-blocking adult patrons or under-protecting young ones.

4

Guest Wi-Fi

CIPA-compliant filtering on school guest networks ensures all traffic on E-Rate funded infrastructure meets federal requirements — including visitor phones and contractor laptops the district doesn't manage. DNS-level enforcement covers every device that joins the network with zero client configuration, closing a compliance gap many districts overlook until an audit surfaces it.

5

State Assessment Testing

During standardized testing windows, districts lock browsing down to approved assessment platforms only. Category-based allowlisting makes the lockdown a policy change rather than an infrastructure change, and the filtering log demonstrates CIPA compliance was maintained during high-stakes events — evidence that satisfies both state testing authorities and federal reviewers.

100M
Domains Classified
59
Content Categories
<10ms
API Response Time
99.9%
Uptime SLA

API Integration for CIPA Filtering

Add CIPA compliant domain classification to your filtering infrastructure in minutes

CIPA Category Check

Classify domains against CIPA-mandated categories and enforce your internet safety policy.

import requests

# CIPA policy: categories that must be blocked
CIPA_BLOCKED = ["adult", "nudity", "gambling", "violence", "drugs", "weapons"]

domains = ["khanacademy.org", "tiktok.com", "gambling-site.xyz"]

for domain in domains:
    response = requests.post(
        "https://webfilteringdatabase.com/api/moderate.php",
        json={"api_key": "YOUR_API_KEY", "query": domain}
    )
    result = response.json()

    category = result["primary_category"]
    print(f"{domain}: {category}")

    if category in CIPA_BLOCKED:
        print("  -> BLOCKED (CIPA policy)")
    else:
        print("  -> allowed")

# khanacademy.org: education -> allowed
# tiktok.com: social_media -> allowed (district-configurable)
# gambling-site.xyz: gambling -> BLOCKED (CIPA policy)
// CIPA compliant filter - classify domains in real time
const CIPA_BLOCKED = ["adult", "nudity", "gambling", "violence", "drugs", "weapons"];
const domains = ["khanacademy.org", "tiktok.com", "gambling-site.xyz"];

async function checkDomain(domain) {
    const response = await fetch("https://webfilteringdatabase.com/api/moderate.php", {
        method: "POST",
        headers: { "Content-Type": "application/json" },
        body: JSON.stringify({ "api_key": "YOUR_API_KEY", "query": domain })
    });
    const data = await response.json();

    const blocked = CIPA_BLOCKED.includes(data.primary_category);
    console.log(`${domain}: ${data.primary_category} ${blocked ? "-> BLOCKED (CIPA)" : "-> allowed"}`);
    return { domain, blocked };
}

Promise.all(domains.map(checkDomain));

// khanacademy.org: education -> allowed
// tiktok.com: social_media -> allowed (district-configurable)
// gambling-site.xyz: gambling -> BLOCKED (CIPA)
# Classify a domain for CIPA filtering
curl -X POST "https://webfilteringdatabase.com/api/moderate.php" \
  -H "Content-Type: application/json" \
  -d '{"api_key": "YOUR_API_KEY", "query": "khanacademy.org"}'

# Response:
# {
#   "primary_category": "education",
#   "categories": ["education", "reference"],
#   "risk_level": "low"
# }

# Check a domain that violates CIPA policy
curl -X POST "https://webfilteringdatabase.com/api/moderate.php" \
  -H "Content-Type: application/json" \
  -d '{"api_key": "YOUR_API_KEY", "query": "gambling-site.xyz"}'

# Response:
# {
#   "primary_category": "gambling",
#   "categories": ["gambling", "adult"],
#   "risk_level": "high"    <- BLOCKED under CIPA policy
# }
// CIPA content filter - PHP integration
function classifyDomain($domain) {
    $payload = json_encode([
        "api_key" => "YOUR_API_KEY",
        "query"   => $domain
    ]);

    $ch = curl_init("https://webfilteringdatabase.com/api/moderate.php");
    curl_setopt_array($ch, [
        CURLOPT_POST           => true,
        CURLOPT_POSTFIELDS     => $payload,
        CURLOPT_HTTPHEADER     => ["Content-Type: application/json"],
        CURLOPT_RETURNTRANSFER => true
    ]);
    $response = curl_exec($ch);
    curl_close($ch);

    return json_decode($response, true);
}

$cipaBlocked = ["adult", "nudity", "gambling", "violence", "drugs", "weapons"];
$domains = ["khanacademy.org", "tiktok.com", "gambling-site.xyz"];

foreach ($domains as $domain) {
    $result = classifyDomain($domain);
    $cat = $result["primary_category"];
    $status = in_array($cat, $cipaBlocked) ? "BLOCKED (CIPA)" : "allowed";
    echo "$domain: $cat -> $status\n";
}

CIPA Web Filtering FAQ

Common questions about CIPA compliance, E-Rate, and content filtering

Does your database meet CIPA filtering requirements?

Yes. Our database classifies domains across all content categories CIPA mandates — obscene material, child pornography, and content harmful to minors — plus 50+ additional categories districts use to go beyond the minimum. Schools and libraries using our API or offline database as their classification layer satisfy the technology protection measure requirement, and we provide compliance documentation on request.

How do I demonstrate CIPA compliance for E-Rate?

CIPA compliance is certified annually on FCC Form 486. Our category assignments provide auditable evidence behind that certification: every domain your filter blocks maps to a documented category, your policy configuration maps to your internet safety policy, and our update-frequency documentation shows continuous coverage of newly registered domains. If USAC conducts a program integrity assurance review, the evidence trail is already in place.

What's the difference between CIPA and COPPA?

CIPA requires schools and libraries receiving federal funding to filter harmful visual content; COPPA regulates how online services collect personal data from children under 13. CIPA is about what students can access; COPPA is about what websites can collect. Our database supports both: filtering categories for CIPA enforcement, plus identification of sites known to collect children's data for COPPA-aware policies.

Do libraries have different CIPA requirements than schools?

Yes. Libraries must allow adult patrons to request that filtering be disabled or reduced for bona fide research or other lawful purposes — schools have no such obligation. Category-based filtering makes this workable: adult terminals can run a reduced policy while children's terminals keep full filtering, and individual categories can be lifted per session without disabling the legally required blocks.

How quickly are new domains classified?

Approximately 300,000 newly registered domains are classified every week, and high-visibility new sites are typically categorized within hours of appearing. This matters for CIPA because harmful content migrates to fresh domains constantly — a filter that relies on a static list falls out of compliance in practice even if it satisfied the requirement on paper when installed.

Can I customize which categories to block?

Yes. All 59 categories are individually configurable. CIPA deliberately leaves filtering decisions to local authorities, so you block the mandated categories and then extend the policy to match your board-approved internet safety policy — gambling, drugs, weapons, hate speech, anonymizers, or anything else your community standards require. Policies can differ per building, grade band, or terminal.

Does CIPA require filtering on take-home devices?

If the device is school-owned and used with E-Rate funded internet services, yes — the FCC clarified that CIPA obligations follow school-issued devices off campus. Our cloud API makes this practical: filtering agents or cloud DNS on take-home Chromebooks query the same classification database from any network, so the district's policy applies at home exactly as it does at school.

How do I handle CIPA compliance for BYOD?

DNS-level filtering on school networks covers personal devices without installing anything on them. When any device on your network — student phone, visitor laptop, contractor tablet — resolves a domain, the resolver checks our classification and enforces your policy. All traffic on E-Rate funded infrastructure stays CIPA compliant regardless of who owns the endpoint.

Ready for CIPA Compliance?

Start classifying URLs in minutes. Meet federal requirements and protect your E-Rate funding.

100M
Domains
59
Categories
99.9%
Uptime
<10ms
Response

Related Resources

web filtering for schools and education