Stop Changes on iOS & Android Devices

Step 1: iOS - Enable Screen Time

Screen Time is a powerful built-in feature on iOS that lets you restrict what users can do on the device.

1. Open Settings on the iPhone or iPad
2. Tap Screen Time
3. If not already enabled, tap Turn On Screen Time
4. Tap Use Screen Time Passcode and set a passcode that only you know

Note: Make sure the Screen Time passcode is different from the device unlock passcode.

Step 2: iOS - Enable Content & Privacy Restrictions

With Screen Time enabled, configure Content & Privacy Restrictions to prevent changes to the DNS configuration:

1. Go to Settings > Screen Time > Content & Privacy Restrictions
2. Toggle Content & Privacy Restrictions on
3. Enter your Screen Time passcode when prompted

This gives you control over which settings and features can be modified on the device.

Step 3: iOS - Prevent App Deletion

If you are using the CleanBrowsing app on iOS, prevent it from being deleted:

1. Go to Settings > Screen Time > Content & Privacy Restrictions
2. Tap iTunes & App Store Purchases
3. Set Deleting Apps to Don't Allow

This prevents users from uninstalling the CleanBrowsing app or any other app on the device.

Note: Screen Time does not directly restrict access to the General Settings page, so users can still view Wi-Fi DNS settings. However, if you are using the CleanBrowsing app (which uses a VPN profile), preventing app deletion is the most effective approach.

Step 4: Android - Use an App Lock

On Android, you can use an app lock tool to restrict access to the device Settings, preventing changes to DNS configuration.

A recommended option is AI Lock (available on Google Play Store), which allows you to:

• Restrict access to the device Settings app
• Prevent users from installing or uninstalling applications
• Lock specific apps behind a separate passcode

1. Download and install AI Lock from the Google Play Store
2. Grant the required permissions (Device Admin, Accessibility)
3. Add the Settings app to the lock list
4. Set a passcode that only you know

Step 5: Android - Restrict App Installation

To prevent users from installing apps that could bypass DNS filtering (such as VPN apps or alternative browsers):

1. In your app lock tool, add the Google Play Store to the lock list
2. Disable Install from Unknown Sources in device settings
3. If using the CleanBrowsing app, ensure it has Device Administrator privileges enabled (this prevents uninstallation)

If you are using the CleanBrowsing app, also make sure you have set the in-app passcode (see Android setup guide).

Step 6: Additional Protection Options

For more advanced device management, consider these additional options:

• GetPlucky (Andoff on Android): Provides enterprise-level Mobile Device Management (MDM) features for consumers, giving you granular control over device settings and app restrictions.
• Router-level DNS: Configure CleanBrowsing DNS on your home router for network-wide filtering that cannot be bypassed on individual devices.
• CleanBrowsing App PIN: Both the iOS and Android CleanBrowsing apps support setting a separate PIN to prevent changes to filter settings.

Tip: For the strongest protection, combine device-level restrictions with router-level DNS filtering. This way, even if a user manages to change settings on their device, the network-wide filter will still apply when they are on your home network.