<

Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x

How to block Website Access using PAC File (Scripting)?

Published on
11,621 Points
5,621 Views
Last Modified:
I recently found myself in a Corporate Situation where the client had requested blocking access to any and all websites except his own Domain? Easy?

I am sure this would be your answer but their requirement was, this has to be done without using any Hardware/Software based Proxy or a Firewall. It cannot be controlled at the Gateway etc. i.e. no change at the Corporate Level. This was not possible for us anyways since the client was sharing the Network with 3 other clients and making specific changes to the Network would mean affecting the other clients as well. We had to come up with Host based Solutions.

One more issue that we had to deal with, was that the clients were using Corporate Proxy and hence, all the traffic was going through a single IP. Windows Firewall was not a solution .


Solution [Not perfect but it works !:)] : We used IE as our starting point and since Proxy was used, all we had to do is to redirect all the traffic for "Blocked Websites" to DIRECT since Direct access was blocked and send only valid requests to the Proxy Server. Example below :


////Use the following link in IE after placing the file under ETC folder
////file://c:/windows/system32/drivers/etc/proxy.pac

function FindProxyForURL(url, host)
    {

PROXYENTRY = "PROXY proxy.Domain.com:8080"

if (shExpMatch(host, "*.Client.com*"))
 return PROXYENTRY;

else
        return "DIRECT";

    }

This script is simple enough and will allow traffic only related to Domain.com to Proxy. All other traffic is redirected to DIRECT which failed in our environment since it was not allowed in first place.

Although, if Direct is allowed then the traffic can also be redirected to something like Deadproxy.deadlink.com:8080 or some other non-working link.

For locking down the rest of the system, use Windows Firewall and Limited Access to local System like removing Admin Account.
0
Comment
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
0 Comments

Featured Post

Hire Technology Freelancers with Gigs

Work with freelancers specializing in everything from database administration to programming, who have proven themselves as experts in their field. Hire the best, collaborate easily, pay securely, and get projects done right.

Join & Write a Comment

Google currently has a new report that is in beta and coming soon to Webmaster Tool accounts. This Micro Tutorial will highlight new features for Google Webmaster Tools.
This Micro Tutorial will demonstrate how nuggets on the Web are formatted by using Chrome Developer Tools. These tools would not only view the site's CSS but it can also modify it and save the CSS to use on your own site.

Keep in touch with Experts Exchange

Tech news and trends delivered to your inbox every month