Why would you want to block sites? Maybe you have kids you don’t want going to specific places on the internet. Maybe you’re trying to cut down on data usage because of a bandwidth cap forced upon you by your ISP. No matter the reason, people do have need to block specific sites from time to time.
It’s an unfortunate truth that there isn’t a simple 1-2-3 method for when you want to block.
Here are some of your options:
The router itself
On a basic level, a router allows you to block only ports. On an advanced level, you can block specific domains. However it’s all dependent on whether or not your router has a domain-specific block feature, which is most likely what you want to do. Unfortunately, most basic routers won’t do that per the administration program it uses.
Windows Firewall
The firewall used in Windows whether it’s in XP, Vista or 7 is application and port specific, but not domain specific to the best of my knowledge. What this means is that you can block specific ports, and block specific programs from network use, but cannot say "don’t load X web site" with it. It’s an "all-or-nothing" type of application-specific solution in most instances.
Windows MMC
The Microsoft Management Console (Start/Run/type mmc/click OK) is not easy to use for those who have never used network policies before.
To enable a policy for a specific network address in XP, you have to first add the Snap-in "IP Security Policies on Local Computer", then create a security policy. It is a difficult, tedious process that requires many steps, and it probably won’t deliver the results you’re looking for.
MMC by and large is better for managing other computers on your network instead of your own.
In Windows 7, the "Advanced" section of the Windows Firewall does in fact use MMC, but it’s still complete gibberish to those who have never used it. All you want to do is say, "I want X web site not to be available from any program on this PC, period." Not even in Windows 7 is this easy to do with its existing firewall software.
HOSTS file
Every modern OS has a HOSTS file where you can easily redirect specific domain names to root. This technically is not blocking a web site, but rather redirecting it. That’s fine since the end result is that the site won’t load, and that’s what you wanted to happen.
An example would be:
yahoo.com 127.0.0.1 www.yahoo.com 127.0.0.1
127.0.0.1 is root, as in your PC. On attempt to load either http://yahoo.com or http://www.yahoo.com (and yes the two are different), the browser will report that it cannot make a connection.
The biggest issue with a HOSTS file is that it doesn’t support wildcard entries. Or at least in Windows it doesn’t.
Using the above example, www.yahoo.com won’t load, but search.yahoo.com will.
If you added an entry of *.yahoo.com, that doesn’t work. Every subdomain must be entered manually to be redirected to 127.0.0.1.
The single largest drawback of the HOSTS method, particularly on XP, is that anybody that has access to the HOSTS file can simply delete it and remove all the redirects – and a reboot isn’t even required.
Browser add-on
One add-on that is positively genius in its simplicity is BlockSite for Firefox. And don’t worry, if you’re running 3.5 or 3.6, it’s available.
BlockSite does support wildcard entries. If you make an entry of:
*yahoo*
..any domain with yahoo in it will be blocked.
What’s even better is that you can configure the entries to be password protected, so if someone else wanted to go in and remove some of those blocks, they can’t unless they have the password.
If only this were available for IE..
Software-based firewall
This is usually the solution most people prefer because of the following reasons:
- It’s the easiest to manage.
- It will block all programs from accessing sites you block.
- It (usually) does not slow down your internet connection at all.
There are many software firewalls available whether you’re using Windows, Mac or Linux.
On the Windows side, you can use the built-in Windows Firewall or any number of other 3rd-party software such as Agnitum, Comodo, Core Force, GhostWall, Kaspersky, Lavasoft, ZoneAlarm and several others.
The only real drawback to using a software-based firewall is that it will at times get in your way, so a key feature to look for is: How easy is it to turn it off temporarily?
Do you (or have you) use any of the above software-based firewalls?
How easy or difficult is it to block a specific web site? Is the feature even there? Is it as easy as using BlockSite for Firefox? Let us know by writing a comment or two.
The PCMech.com weekly newsletter has been running strong for over 8 years. Sign up to get tech news, updates and exclusive content - right in your inbox. Also get (several) free gifts.
One other possible solution is to use OpenDNS. You need to get a free account and then configure your computer and/or router to use OpenDNS Srevers, but once that is set up, you can selectively block some websites. It’s not a perfect system but is another tool that I find useful.
I agree with you Stacey. OpenDNS is one of the best solutions available. You only have to install a small piece of software to update your IP address from time to time unless you have a static IP.
Personally I use Kaspersky Internet Security 2010. But OpenDNS is a better solution, especially if you want to block multiple PCs in a network from accessing porn sites and other unnecessary stuff.
My wife said, that the IT guys at her office is using Open DNS to block YouTube, Facebook etc. LOL…
I am using D-Link DIR-300 Wifi router which cost around 1700 bucks here in India (Don’t know how much in US) it has option called parental control through which one can block any specific sites (upto 25 I think) and allow other sites but what I found interesting is that it also have feature to block all the sites and allow only specific sites so its works in both way.
My experience with WebWatcher computer monitoring software has been a satisfying and re-assuring one. This is a great software to use when you want to monitor the web activities on kids, teenagers and even spouses. If you have ever wondered what your spouse or kids view online while you were away, then you can’t go wrong with this one.
At our library we use a combination of hosts files, a firewall, and proxy server to accomplish this.
Use some firewalls to block the sites.
DNS settings will also serve purpose.
We can use some firewalls and DNS setting , It’s very good to protect our kids at home but still if the kids are growing and enough to know about how to break in the block site, and that will be another story since we know a lot of software to do that.
I have used Win Patrol for several years and have installed it on many friends computer. It even has a window where you can access your host files if you want to edit them.The first thing I do after installing the OS or cleaning out virus and malware, before going on line, is turn off Windows firewall and install Win Patrol. Never a problem.
Not allowing wildcards in the hosts file is weak. A malicious website could simply change their domain prefix and always stay ahead your hosts file.