What Is CIPA and Why Does It Matter?
If your school or library receives E-Rate discounts or LSTA grants, the Children's Internet Protection Act is not optional — it is a binding condition of the funding.
Meet Children's Internet Protection Act requirements with a classification database of 100 million domains. Maintain E-Rate eligibility, protect students from harmful content, and demonstrate compliance with auditable category-level evidence.
If your school or library receives E-Rate discounts or LSTA grants, the Children's Internet Protection Act is not optional — it is a binding condition of the funding.
E-Rate provides 20-90% discounts on internet access and disburses billions every year. CIPA compliance is required to maintain eligibility, so your filtering layer directly protects your funding.
CIPA requires a filter that blocks visual depictions that are obscene, child pornography, or harmful to minors. Our database provides the classification layer your filter enforces.
Districts must adopt and enforce an internet safety policy, monitor minors online, and educate students on safe behavior. Our 59 categories map directly to policy requirements.
Schools certify CIPA compliance annually on FCC Form 486 — certifying what you cannot demonstrate risks clawbacks. Our audit-ready category data simplifies certification.
The statute names three content categories a technology protection measure must block — each maps directly to our classification taxonomy
Visual depictions that meet the federal definition of obscenity must be blocked for all users, adults included. Continuously updated as new domains appear.
Material constituting child pornography must be blocked on every terminal, without exception, for all users.
For computers used by minors: material that appeals to prurient interest and lacks serious literary, artistic, political, or scientific value for minors. Districts configure this standard by combining categories to match their board-approved policy.
Most districts go well beyond the CIPA minimum, routinely blocking:
Browse all 59 policy building blocks on our web filtering categories page.
Two delivery modes, one pre-classified 59-category taxonomy — either satisfies the technology protection measure CIPA requires
100 million domains already categorized. No waiting for manual review when a student hits an unknown site.
Every blocked domain has a category assignment. Demonstrate to E-Rate reviewers exactly what your filter covers and why.
~300,000 newly registered domains classified every week. New threats and new content are covered automatically.
CIPA deliberately leaves filtering decisions to local authorities — you decide which categories to block, per building, per grade band, or per user group.
DNS filtering covers every device on the network — managed or unmanaged — with no agents or certificates to install
A student's device — laptop, tablet, phone — looks up any website on the school network or a cloud resolver.
The DNS resolver sends the domain to our classification API before answering the lookup.
The domain's category comes back in under 10 milliseconds — no perceptible browsing delay.
The resolver answers with the real IP address or a block page, based on your internet safety policy.
E-Rate — administered by USAC under FCC oversight — provides $4+ billion in 20–90% discounts every year on internet access, internal connections, and managed broadband
Opens the bidding process describing the services your school or library needs.
Applies for the discounts on the services you selected, set by poverty level and rurality.
Certifies services have started — and that you are CIPA compliant. Certifying what you cannot demonstrate risks clawbacks and audit findings.
When a program integrity assurance review or audit arrives, the evidence is already in place.
CIPA is the filtering mandate, but it is not the only regulation shaping how schools manage student internet access
Restricts how online services collect personal information from children under 13. Our database identifies sites known to collect children's data, so districts can steer students away from non-compliant services.
Protects student education records. Our filtering API operates without logging student browsing data — your filtering layer stays FERPA-friendly by design.
California's SOPIPA, New York Education Law 2-d, and Texas SB 820 add student-privacy and security requirements. A category-driven filtering model adapts to overlapping mandates without re-architecture.
For grade-band policy design on top of this compliance foundation, see our guide to age-tiered web filtering for K-12 grade levels.
Libraries on E-Rate or LSTA funds must let adults request reduced filtering for bona fide research — an on/off filter cannot satisfy both obligations at once. Category-based filtering can.
Full CIPA-mandated filtering, always on
Reduced policy on request — legally required blocks stay in force
The same model supports time-based after-hours policies, staff workstations, and public Wi-Fi filtering on library-funded infrastructure.
How schools, districts, and libraries deploy CIPA compliant filtering in the real world
District-wide deployment across all school buildings, filtering all student and staff traffic against CIPA-mandated categories. Policy management stays central while individual buildings or grade bands receive tailored overrides — elementary schools run stricter policies than high schools without separate infrastructure. Every block decision traces back to a category assignment, giving the district a defensible, auditable compliance posture across the entire network.
Cloud-based API filtering on take-home devices ensures CIPA compliance extends beyond the school network to student homes. When a district-issued Chromebook resolves a domain from a kitchen table, the same category lookup and the same policy apply as in the classroom. Parents see consistent protection, the district sees consistent compliance, and IT manages one policy instead of two.
Different filtering tiers for the children's section and adult terminals meet CIPA's requirement to allow adults to request reduced filtering for lawful research. Staff adjust categories per terminal or per session while the legally mandated blocks stay in force everywhere. The library satisfies E-Rate and LSTA conditions without over-blocking adult patrons or under-protecting young ones.
CIPA-compliant filtering on school guest networks ensures all traffic on E-Rate funded infrastructure meets federal requirements — including visitor phones and contractor laptops the district doesn't manage. DNS-level enforcement covers every device that joins the network with zero client configuration, closing a compliance gap many districts overlook until an audit surfaces it.
During standardized testing windows, districts lock browsing down to approved assessment platforms only. Category-based allowlisting makes the lockdown a policy change rather than an infrastructure change, and the filtering log demonstrates CIPA compliance was maintained during high-stakes events — evidence that satisfies both state testing authorities and federal reviewers.
Add CIPA compliant domain classification to your filtering infrastructure in minutes
Classify domains against CIPA-mandated categories and enforce your internet safety policy.
import requests # CIPA policy: categories that must be blocked CIPA_BLOCKED = ["adult", "nudity", "gambling", "violence", "drugs", "weapons"] domains = ["khanacademy.org", "tiktok.com", "gambling-site.xyz"] for domain in domains: response = requests.post( "https://webfilteringdatabase.com/api/moderate.php", json={"api_key": "YOUR_API_KEY", "query": domain} ) result = response.json() category = result["primary_category"] print(f"{domain}: {category}") if category in CIPA_BLOCKED: print(" -> BLOCKED (CIPA policy)") else: print(" -> allowed") # khanacademy.org: education -> allowed # tiktok.com: social_media -> allowed (district-configurable) # gambling-site.xyz: gambling -> BLOCKED (CIPA policy)
// CIPA compliant filter - classify domains in real time const CIPA_BLOCKED = ["adult", "nudity", "gambling", "violence", "drugs", "weapons"]; const domains = ["khanacademy.org", "tiktok.com", "gambling-site.xyz"]; async function checkDomain(domain) { const response = await fetch("https://webfilteringdatabase.com/api/moderate.php", { method: "POST", headers: { "Content-Type": "application/json" }, body: JSON.stringify({ "api_key": "YOUR_API_KEY", "query": domain }) }); const data = await response.json(); const blocked = CIPA_BLOCKED.includes(data.primary_category); console.log(`${domain}: ${data.primary_category} ${blocked ? "-> BLOCKED (CIPA)" : "-> allowed"}`); return { domain, blocked }; } Promise.all(domains.map(checkDomain)); // khanacademy.org: education -> allowed // tiktok.com: social_media -> allowed (district-configurable) // gambling-site.xyz: gambling -> BLOCKED (CIPA)
# Classify a domain for CIPA filtering curl -X POST "https://webfilteringdatabase.com/api/moderate.php" \ -H "Content-Type: application/json" \ -d '{"api_key": "YOUR_API_KEY", "query": "khanacademy.org"}' # Response: # { # "primary_category": "education", # "categories": ["education", "reference"], # "risk_level": "low" # } # Check a domain that violates CIPA policy curl -X POST "https://webfilteringdatabase.com/api/moderate.php" \ -H "Content-Type: application/json" \ -d '{"api_key": "YOUR_API_KEY", "query": "gambling-site.xyz"}' # Response: # { # "primary_category": "gambling", # "categories": ["gambling", "adult"], # "risk_level": "high" <- BLOCKED under CIPA policy # }
// CIPA content filter - PHP integration function classifyDomain($domain) { $payload = json_encode([ "api_key" => "YOUR_API_KEY", "query" => $domain ]); $ch = curl_init("https://webfilteringdatabase.com/api/moderate.php"); curl_setopt_array($ch, [ CURLOPT_POST => true, CURLOPT_POSTFIELDS => $payload, CURLOPT_HTTPHEADER => ["Content-Type: application/json"], CURLOPT_RETURNTRANSFER => true ]); $response = curl_exec($ch); curl_close($ch); return json_decode($response, true); } $cipaBlocked = ["adult", "nudity", "gambling", "violence", "drugs", "weapons"]; $domains = ["khanacademy.org", "tiktok.com", "gambling-site.xyz"]; foreach ($domains as $domain) { $result = classifyDomain($domain); $cat = $result["primary_category"]; $status = in_array($cat, $cipaBlocked) ? "BLOCKED (CIPA)" : "allowed"; echo "$domain: $cat -> $status\n"; }
Common questions about CIPA compliance, E-Rate, and content filtering
Yes. Our database classifies domains across all content categories CIPA mandates — obscene material, child pornography, and content harmful to minors — plus 50+ additional categories districts use to go beyond the minimum. Schools and libraries using our API or offline database as their classification layer satisfy the technology protection measure requirement, and we provide compliance documentation on request.
CIPA compliance is certified annually on FCC Form 486. Our category assignments provide auditable evidence behind that certification: every domain your filter blocks maps to a documented category, your policy configuration maps to your internet safety policy, and our update-frequency documentation shows continuous coverage of newly registered domains. If USAC conducts a program integrity assurance review, the evidence trail is already in place.
CIPA requires schools and libraries receiving federal funding to filter harmful visual content; COPPA regulates how online services collect personal data from children under 13. CIPA is about what students can access; COPPA is about what websites can collect. Our database supports both: filtering categories for CIPA enforcement, plus identification of sites known to collect children's data for COPPA-aware policies.
Yes. Libraries must allow adult patrons to request that filtering be disabled or reduced for bona fide research or other lawful purposes — schools have no such obligation. Category-based filtering makes this workable: adult terminals can run a reduced policy while children's terminals keep full filtering, and individual categories can be lifted per session without disabling the legally required blocks.
Approximately 300,000 newly registered domains are classified every week, and high-visibility new sites are typically categorized within hours of appearing. This matters for CIPA because harmful content migrates to fresh domains constantly — a filter that relies on a static list falls out of compliance in practice even if it satisfied the requirement on paper when installed.
Yes. All 59 categories are individually configurable. CIPA deliberately leaves filtering decisions to local authorities, so you block the mandated categories and then extend the policy to match your board-approved internet safety policy — gambling, drugs, weapons, hate speech, anonymizers, or anything else your community standards require. Policies can differ per building, grade band, or terminal.
If the device is school-owned and used with E-Rate funded internet services, yes — the FCC clarified that CIPA obligations follow school-issued devices off campus. Our cloud API makes this practical: filtering agents or cloud DNS on take-home Chromebooks query the same classification database from any network, so the district's policy applies at home exactly as it does at school.
DNS-level filtering on school networks covers personal devices without installing anything on them. When any device on your network — student phone, visitor laptop, contractor tablet — resolves a domain, the resolver checks our classification and enforces your policy. All traffic on E-Rate funded infrastructure stays CIPA compliant regardless of who owns the endpoint.
Start classifying URLs in minutes. Meet federal requirements and protect your E-Rate funding.