Restrict web except for one or two sites

I have a need to lock down several laptops on our wireless network.  These laptops can only be allowed to access the internet.  However, they can only access one or two websites.  

I've tried entering the website into the "proxy" settings which will work except for my site is https and that doesn't work.

I see I could potentially use the local windows 7 firewall, but I can't seem to figure out how to configure it so I can restrict websites.

Any information would be extremely helpful.

Who is Participating?
One way is a homemade browser. I did this once with and the Browser control. Then I disabled the other browsers. They went through mine and it had a drop down list of choices.  This is trivial to accomplish if you can program in DotNet.

There are also parental settings on browsers that may have a white list.  I suppose that if they were pointed to a proxy server that you control you could set that up to only allow certain websites. If you have a hardware filewall appliance you can almost definitely check their MAC or something and whitelist two websites and block the rest.
You can try  going to Start -----> Control Panel ------> Internet Options

Click on the Security tab

You can Click on Trusted sites and the Sites button and add URLs


You can Click on Restricted sites and the Sites button and add URLs for restrictions.
Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

jpierce26Author Commented:

Your solution seems too complicated, i want to use the native OS to restrict sites.


I have tried your solution and it doesn't work.  I only allow one or two sites, and block the rest.

Mohammed RahmanCommented:
Unfortunately we cannot set exceptions in Windows 7 Advance Firewall. You can block all sites to all users OR all sites to specific users. But, I did not come across an option where we can block all sites and allow a few.

** You can probably set a rule on the Router/Modem (gateway to these PCs). That would be more effective I guess.

You can also enter a non existing proxy IP as below and also have exceptions to allow few sites and block all.
Deny Internet Access via ProxyYou should also disable (restrict) access to Connections Tab under Internet Explorer settings so that the users cannot remove proxy and start accessing internet.

To do so, please follow steps below.

In Run, type -- gpedit.msc
Under User Configuration -- Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel
Open Disable the Connections page and select "enabled"
This will remove the Connections Page from Internet Options.
jpierce26Author Commented:
thanks Mody2579.  That information was helpful.

I did decide to use the Microsoft Live product called "Windows Live Family Safety".

This solution works beautifully for me.

Thanks again,

jpierce26Author Commented:
Second link pointed me to the Microsoft Live Family Safety which worked great.
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.