Why would you want to block sites? Maybe you have kids you don’t want going to specific places on the internet. Maybe you’re trying to cut down on data usage because of a bandwidth cap forced upon you by your ISP. No matter the reason, people do have need to block specific sites from time to time.

It’s an unfortunate truth that there isn’t a simple 1-2-3 method for when you want to block.

Here are some of your options:

The router itself

On a basic level, a router allows you to block only ports. On an advanced level, you can block specific domains. However it’s all dependent on whether or not your router has a domain-specific block feature, which is most likely what you want to do. Unfortunately, most basic routers won’t do that per the administration program it uses.

Windows Firewall

The firewall used in Windows whether it’s in XP, Vista or 7 is application and port specific, but not domain specific to the best of my knowledge. What this means is that you can block specific ports, and block specific programs from network use, but cannot say "don’t load X web site" with it. It’s an "all-or-nothing" type of application-specific solution in most instances.

Windows MMC

The Microsoft Management Console (Start/Run/type mmc/click OK) is not easy to use for those who have never used network policies before.

To enable a policy for a specific network address in XP, you have to first add the Snap-in "IP Security Policies on Local Computer", then create a security policy. It is a difficult, tedious process that requires many steps, and it probably won’t deliver the results you’re looking for.

Read More:  PortableApps With USB

MMC by and large is better for managing other computers on your network instead of your own.

In Windows 7, the "Advanced" section of the Windows Firewall does in fact use MMC, but it’s still complete gibberish to those who have never used it. All you want to do is say, "I want X web site not to be available from any program on this PC, period." Not even in Windows 7 is this easy to do with its existing firewall software.

HOSTS file

Every modern OS has a HOSTS file where you can easily redirect specific domain names to root. This technically is not blocking a web site, but rather redirecting it. That’s fine since the end result is that the site won’t load, and that’s what you wanted to happen.

An example would be:

www.yahoo.com is root, as in your PC. On attempt to load either http://yahoo.com or http://www.yahoo.com (and yes the two are different), the browser will report that it cannot make a connection.

The biggest issue with a HOSTS file is that it doesn’t support wildcard entries. Or at least in Windows it doesn’t.

Using the above example, www.yahoo.com won’t load, but search.yahoo.com will.

If you added an entry of *.yahoo.com, that doesn’t work. Every subdomain must be entered manually to be redirected to

The single largest drawback of the HOSTS method, particularly on XP, is that anybody that has access to the HOSTS file can simply delete it and remove all the redirects – and a reboot isn’t even required.

Read More:  How We Record Video For The Web

Browser add-on

One add-on that is positively genius in its simplicity is BlockSite for Firefox. And don’t worry, if you’re running 3.5 or 3.6, it’s available.

BlockSite does support wildcard entries. If you make an entry of:


..any domain with yahoo in it will be blocked.

What’s even better is that you can configure the entries to be password protected, so if someone else wanted to go in and remove some of those blocks, they can’t unless they have the password.

If only this were available for IE..

Software-based firewall

This is usually the solution most people prefer because of the following reasons:

  1. It’s the easiest to manage.
  2. It will block all programs from accessing sites you block.
  3. It (usually) does not slow down your internet connection at all.

There are many software firewalls available whether you’re using Windows, Mac or Linux.

On the Windows side, you can use the built-in Windows Firewall or any number of other 3rd-party software such as Agnitum, Comodo, Core Force, GhostWall, Kaspersky, Lavasoft, ZoneAlarm and several others.

The only real drawback to using a software-based firewall is that it will at times get in your way, so a key feature to look for is: How easy is it to turn it off temporarily?

Do you (or have you) use any of the above software-based firewalls?

How easy or difficult is it to block a specific web site? Is the feature even there? Is it as easy as using BlockSite for Firefox? Let us know by writing a comment or two.