Avatar of NetworkMike
NetworkMikeFlag for United States of America

asked on 

Block Web portals through Group Policy

I am trying to block my users from going to all but a few web sites in Group Policy.
We are running Win 2003 and XP pro.
I have created a policy that puts all the web portals I want people to be able to go to in trusted sites, and I would like to prevent them from going to anywhere but their trusted sites.

To add some more.  I would like to go direct to the internet and not use a proxy or 3rd party software.

Any ideas?
Windows Server 2003

Avatar of undefined
Last Comment
Avatar of Brian Pierce
Brian Pierce
Flag of United Kingdom of Great Britain and Northern Ireland image

I did think this might be possible in a crude way by adding the sites to trusted sites and then not allowing IE to access anything else but on reflection this is not a good idea as the 'trusted sites' would have more provilages on your machine than they really should have any in case. You are alow going to get all sorts of issues with links an referals that would make it a nightmare to keep on top of.

If you really want to do this bite the bullet and spend a little of your hard-earned on a decent proxy sever such as Microsoft ISA server,
Avatar of NetworkMike
Flag of United States of America image


The sites I am allowing should be trusted site anyway so I am not worried about the extra privillages.  I have not found a way to only allow the trusted sites and block everything else.  In general I agree with you, but in this situation I think it will be OK from a security standpoint.
Avatar of NetworkMike
Flag of United States of America image


I figured out a way to do this.

It is a proxy solution where you send everything to a false proxy (I just choose an unused IP address, or someone you really don't like).  Then put all the websites you want to work in the do not use proxy for these.

In Group Policy :
User Configuration / windows settings / Internet Explorer Maintaince / Connection / Proxy settings

I set port http and https to use the proxy

in the same area, I configured  the exceptions to be the web sites I want people to get to.
I was able to use wildcards so I could allow an entire domain.

This will only work if you have a limited number of web pages you want to allow.  This worked great for us because my users only need about 12 site to be able to do their jobs.

Avatar of Computer101
Flag of United States of America image

Blurred text
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
See Pricing Options
Start Free Trial
Windows Server 2003
Windows Server 2003

Windows Server 2003 was based on Windows XP and was released in four editions: Web, Standard, Enterprise and Datacenter. It also had derivative versions for clusters, storage and Microsoft’s Small Business Server. Important upgrades included integrating Internet Information Services (IIS), improvements to Active Directory (AD) and Group Policy (GP), and the migration to Automated System Recovery (ASR).

Top Experts
Get a personalized solution from industry experts
Ask the experts
Read over 600 more reviews


IBM logoIntel logoMicrosoft logoUbisoft logoSAP logo
Qualcomm logoCitrix Systems logoWorkday logoErnst & Young logo
High performer badgeUsers love us badge
LinkedIn logoFacebook logoX logoInstagram logoTikTok logoYouTube logo