Guide | How To How to block websites in Windows Firewall guide

The associated guide may contain user-generated or external content.


Thread author
Staff Member
Jan 14, 2015
As some users are not aware in how to block websites in Windows Firewall and due to a recent discussion about such topic, below is a guide in how to create rules to block websites in Windows Firewall:

1. Open Windows Firewall from the Control Panel;

2. Select Advanced Settings;

On windows 10 just search for Windows Firewall in the search bar and choose Windows Firewall with Advanced Settings

3. Select Inbound Rules from the left panel. Select New Rule from the right side (Action window);

4. Select Custom (Custom rule) and click Next;

5. All Programs should be selected and click Next;

6. Click next on the Protocols and Ports page (leave as it is);

7. In the scope page enter the IP (i.e. but not www) address of the site you want to block in the "Which remote IP addresses does this rule apply to?" section;

8. Select Block the connection on the Action page, click Next;

9. Leave all boxes checked on Profile page if you don't ever want to see the website on any network connection, modify if you want to allow on a Domain, Public or Private Network;

10. Enter a name for the new rule you created and click Finish;

11. Select Outbound Rules from the left panel and repeat ALL steps precisely from above.

Side note: any rules can be edited later if you want to add more IP addresses to block.


Obtaining website IP address:
  1. Enter domain URL and Scan
  2. Wait for results...
  3. Click on IP Address tab

Alternatively one can use "ip and domain" extension for either Firefox or Google Chrome.


Level 12
Honorary Member
Top Poster
Mar 23, 2015
I think, for users who do not have the problem of DNS cache pollution, the most direct way to get the IP address corresponding to a domain is to use the nslookup command.

First, you need to run cmd.exe. Then, enter the following command:

Here you need to replace with the domain of which you want to know the IP address, and replace with the DNS server that you like. If you do not specify a DNS server here, then the command nslookup will use the default DNS server specified in the network config.


Level 17
Top Poster
Mar 17, 2016
hi guys, thank you for the guide.
anyway ,since I'd like to use windows firewall controll,to block also outgoing communications, I look for a guide to do that.
because i suppose that before adding a website to you "blacklist" you should discover that it is a malicious website. i look for something to prevent unknow threats. without using third-party av-fw
thank you in advance


Level 10
Mar 24, 2017
I'm just looking at this and I don't think that this is a good idea. You should be aware that you can have more than one website on the same server with the same IP. There is such a thing as shared hosting. You would be better off editing the host file instead.

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.