Avatar of ccampan
 asked on

How do I create an entry in the HOSTS or LMHOSts to make all website BUT the ones we want to redirect to

Is there a way to create a HOSTS file that is opposite of the current one?  Meaning can I make a HOSTS file that locks every website and I make a list of acceptable sites?

I like that MVPS hosts fie but it doesn't limit my work employees from going to youtube and what not.

I have a sonicwall but I dont want to limit every computer.  Any suggestions?
Microsoft Legacy OSWindows OSWindows Vista

Avatar of undefined
Last Comment

8/22/2022 - Mon

Set the default gateway of the machine to  Then add the acceptable sites to the hosts file.  If a site is requested for which there is no hosts entry, it will try to use the default gateway to resolve it.

The problem with this approach is that you'd also need entries for sites on your own network as well.  Firewalls are the best solution for this kind of security.  I've never used sonicwall, but I find it hard to believe that theirs is an all or nothing solution.

I agree with cuziyg about the default gateway, you could then also ass route into the local routing table of the machine but its a messy way of doing it.

A simple web proxy like squid provides white lists of website and then will prompt for authentication when going outside of them


They really should let you edit your responses to avoid things like ass instead of add :o)
All of life is about relationships, and EE has made a viirtual community a real community. It lifts everyone's boat
William Peck

LOL!  At least I got a good laugh out of it.
Brian Pierce

If you want to do this properly you need to invest in a proxy server - then you can have full control over what users can and can't access, log what they are doing and speed up access by caching content.
The range of proxy server goes from acFree Proxy - http://sourceforge.net/projects/acfreeproxy/ which is free but limited to ISA server http://www.microsoft.com/isaserver/default.mspx which is fully featured - at a price

That's a good approach.  We are a small workgroup (3 VISTA, 2 OSX) so this approach is reasonable considering we really only have one or two mapped drives.  
Try out a week of full access for free.
Find out why thousands trust the EE community with their toughest problems.

If that's the case, then yeah, just make sure all 5 of those machines have an entry in your hosts file so this machine can see them.  Also make sure they have static addresses.  You wouldn't want to be changing it every time one of them got a new IP address.  Then set the default gateway to

To be exact we have 3 PC's running Quickbooks Point of Sale.  I am not sure how they find one another.  1 of the three is the server and the other two log onto that database server.

What entries would I need to make do you think?  Simply the computer name like  KATVPOS  as an example in the HOSTS?
Brian Pierce

Making the default GateWay is going to prohibit all internet traffic regardless of any entries in the hosts file so only do this if you want NO access outside of the current subnet so unless you want to ban ALL internet access don't do this.

The short anser is you can't do this without some addition software such as a proxy server. The hosts file cannot be used like this. If you had a domain you could use conditional forwarding to build a bodge - but the real answer is a proxy server.
This is the best money I have ever spent. I cannot not tell you how many times these folks have saved my bacon. I learn so much from the contributors.

View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
See Pricing Options
Start Free Trial
Ask your own question & get feedback from real experts
Find out why thousands trust the EE community with their toughest problems.

Wow, lots to think about. I tried the entire hosts file dump but I am unsure if this is going to create issues with windows update and symantec AV updates.

It does work well for us though as the only 'server' we connect to via web browser is our booking server which we use via IP and not domain.  

I need to go to school on the firewall.  Apparently the firewall is the end all be all.