I have 3 workstations. 3 are windows 7 and 1 is windows 10. I need to block one website from these machines. I'm trying to figure out if I can do it locally. They are all on the domain. Is there a way I can block a certain website at the machine level? the are using both Chrome and IE 11 the site is an http://x.x.x.x:port/xxx/xxx
Windows 10Internet Explorer (IE)Windows 7
Last Comment
kevinhsieh
8/22/2022 - Mon
Alex
No is the short answer, not without 3rd party software, you're better off blocking it on your router or firewall.
You could edit the Host file with the domain name and point it to 127.0.0.0 or something.
Adding the IP address of the offending site to hosts will block access to the site via URLs of the form http(s)://aaa.bbb.ccc.ddd
However, it won't block access if the site is accessed by its hostname. For that another hosts entry is required.
Further, if the offending site is located on a server farm, or if it uses dynamic DNS, its IP address can change without notice.
But if the users are at all inclined to be uncooperative or are even a little bit clever, they'll go out and access the forbidden site through an open proxy, of which there are hundreds so they are impractical to block, or use a VPN, and any of these will bypass hosts, firewalls, routers and filters.
If that does not work, change 127.0.0.1 to be an IP address on your network that ISN'T the default gateway.
Then punch your users and put them on all a verbal warning
Phillip Monk
Since the computers are on a domain, I'll assume that you have Active Directory installed and that the DNS address that you PC's use is the address of the Domain Server as it's primary. In your DNS Manager on your Server, open the Forward Lookup Zone under your DC and create a New Zone. Name the zone the website you wish to block and don't create any records for it. Now all query to that website will be redirected by your server, to nowhere, hence blocking that website.
If you are attempting to block an IP address, the Firewall is the appropriate place, since it will faithfully dump all traffic with a deny rule.
Experts Exchange has (a) saved my job multiple times, (b) saved me hours, days, and even weeks of work, and often (c) makes me look like a superhero! This place is MAGIC!
Walt Forbes
Lee W, MVP
You can't block a web site through a host file using http://www.blah.com. You CAN block an entire internet name though. It won't JUST affect web sites. It affects FTP, Ping, and everything else internet based from going to the target site. In MOST cases, this is fine.
In short, DON'T make your host file entry something like these (THESE DON'T WORK!)
You can also block it for the entire domain by creating the zone for blah.com in your DNS. Then your DNS will think it should provide resolution for that domain and since nothing's defined will be unable to find blah.com
WellingtonIS
ASKER
Thanks I would but the site is only an IP so I can't. As for DNS there are other users needing to use this site so I can't just block it. This is a bit of a challenge.
Phillip Monk
I'd still use Windows Firewall to block the IP address on the identified PC's..
Unlimited question asking, solutions, articles and more.
WellingtonIS
ASKER
Nothing I try is working and I think this is because it's routed internally and not to the internet. This IP goes to my corporate office to allow users to clock in. I'm trying to block it on 4 specific machines because they are not supposed to use them to clock in but everything I've tried doesn't work. thanks for the suggestions.
We get it - no one likes a content blocker. Take one extra minute and find out why we block content.
Not exactly the question you had in mind?
Sign up for an EE membership and get your own personalized solution. With an EE membership, you can ask unlimited troubleshooting, research, or opinion questions.
You could edit the Host file with the domain name and point it to 127.0.0.0 or something.