Enforcing a filtered VPN on your iPhone ensures that your Content Policy remains active, preventing bypass of content filtering. Due to iPhone’s security restrictions, additional steps are needed to lock in the VPN connection, especially on supervised devices. This guide walks you through Tech Lockdown’s recommended methods to secure your VPN, so your content filtering stays uninterrupted.
For supervised iPhones or iPads, we recommend combining a protected VPN profile with protected DNS settings. This setup ensures filtering cannot be disabled without removing the Config File, which requires supervision controls.
Device Config Generator (Supervised iPhone)
Prerequisites:
- Supervised mode enables the use of the Device Config Generator.
Setting these restrictions will help prevent the Cloudflare VPN from being disabled or removed:
- Deleting Apps disabled, to ensure the Cloudflare One App can't be deleted.
- Automatic Adult Content Filter enabled, to ensure adult websites are still blocked if all filtering is removed. We recommend this as a last resort to the Content Policy.
- Enforce DNS Settings to point to your Content Policy. See Enforcing DNS Settings on iPhone.
Screen Time Preferences (Standard iPhone)
If you can't enable supervised mode, you can achieve some success with Screen Time instead. Check out our guide to parental controls on iPhone for more information. Specifically:
- Prevent Apps from being deleted.
- Prevent Apps from being installed from the App Store.
Protect the Cloudflare One VPN
Protecting the Cloudflare One VPN requires supervised mode to be enabled.
You can install a version of the VPN profile on your iPhone that can't be deleted by going to Tools > iPhone > Config Presets > Enforce Cloudflare VPN. Here are the steps to properly set this up on your iPhone:
- Open your iPhone's Settings app.
- Go to General > VPN & Device Management > VPN.
- Delete the current Cloudflare One VPN Profile.
- Download and install the Enforce Cloudflare VPN Config Preset on your iPhone (instructions available before on the Tech Lockdown dashboard, where you download the file).
- Force-close the Cloudflare One app and restart it.
Incentivize the Use of the VPN on iPhones
The best way to ensure that the Cloudflare VPN is enforced is to incentivize its use by requiring it to be active to access apps or websites. See our recommendations in our dedicated guide to incentivize the filtered VPN on iPhones.
Frequently Asked Questions
How can I prevent the filtered VPN from being disabled?
We recommend using a combination of techniques depending on your setup. See our dedicated guide to incentivize the filtered VPN on iPhones.
Can I protect the filtered VPN using Screen Time/Parental Controls?
Screen Time can only prevent apps from being installed or deleted. VPN settings are not restricted and could still be changed.