• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1671
  • Last Modified:

Configure Firefox (or IE) to allow only certain specified sites

Is there a way to configure Firefox (or IE) to allow only certain specified sites?  I know I can block certain sites, but I want to allow only a few sites and block everything else.  This will be done on our Citrix server so that any web browsing by any user with that browser (one or the other) on the Citrix server will be restricted.  Thanks.

~bruno71
0
bruno71
Asked:
bruno71
  • 4
  • 3
  • 2
  • +1
1 Solution
 
Ernie BeekExpertCommented:
If you want to allow only a few sites, perhaps its better to try to do it by means of routing.
On Citrix only allow routes to those sites (by means of a logon script or equal).
0
 
Ernie BeekExpertCommented:
And don't give them a default gateway (to the internet).
0
 
johnb6767Commented:
Use a fake Proxy, but allow the sites you want to bypass it......

Windows SteadyState installation extracts some .adm files, and one of them is to Block Internet Access....

Just install it on a test box, and grab the .adm files to import into a GPO.....

http://www.microsoft.com/windows/products/winfamily/sharedaccess/default.mspx

You can use the native policy as well, but I post this one, as thier might be other settigns youd like to use to lockdown the profiles.....

FYI, this is for IE.... I assume you could do similar in FF, but not sure on the exact steps....
0
Protect Your Employees from Wi-Fi Threats

As Wi-Fi growth and popularity continues to climb, not everyone understands the risks that come with connecting to public Wi-Fi or even offering Wi-Fi to employees, visitors and guests. Download the resource kit to make sure your safe wherever business takes you!

 
bbaoIT ConsultantCommented:
for IE, you may try Content Advisor, the built-in functionality to control web access.

HOW TO: Use the Internet Explorer 6 Content Advisor to Control Access to Web Sites in Internet Explorer
http://support.microsoft.com/kb/310401
0
 
johnb6767Commented:
Fyi, content advisor would have issues on sites with a lot of JavaScript. Tried to implement once on a JS intensive site, and had to get the address of every darn button... Not bad for simple sites though...
0
 
bruno71Author Commented:
I've tried Content advisor before, but it's not quite as clean as I would like.

I don't want to lock down the entire Citrix server, but just one browser.  For instance, I want to lock down IE because it will be published to employee training terminals for access to just specific sites.  But I want to leave Firefox open for normal users who may have a link in an email to open, etc.

I don't care which is locked down and which is open.

~bruno71
0
 
johnb6767Commented:
IE is easier to lock down via GPO (Fake Proxy/Allowed websites listed to "bypass").....

Firefox would need to be scripted and deployed.....
0
 
bruno71Author Commented:
johnb6767,

Can you direct me to those specific GPO settings?  I've only done a little with GPO before and can get lost in the jungle of policies.  Thanks.

~bruno71
0
 
johnb6767Commented:
http://www.esoft.com/support_docs/GroupPolicyEditor.pdf

Some good screenshots.... Just use a bogus proxy like 127.0.0.1, and make sure you add teh sites you want EXCLUDED in the right hand box.....
0
 
bruno71Author Commented:
Thanks John...that worked great.  It also affected Firefox, but in the Firefox settings I changed it from "Use system proxy settings"  to "No proxy".  It seems to be working.  Thanks again.

~bruno71
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Improved Protection from Phishing Attacks

WatchGuard DNSWatch reduces malware infections by detecting and blocking malicious DNS requests, improving your ability to protect employees from phishing attacks. Learn more about our newest service included in Total Security Suite today!

  • 4
  • 3
  • 2
  • +1
Tackle projects and never again get stuck behind a technical roadblock.
Join Now