Approx. start date
Aug 25, 2018
List of current issues
Edge browser won't connect
Steps taken, but unsuccessful?
Made outbound rules for Edge.

oldschool

Level 23
Verified
I need some help configuring Windows Firewall. I want to block all outbound connections and enable only essential Windows processes and those apps I use, including Edge browser. I can get Firefox to connect but not Edge. I've read as much as I can find on the web, especially How To Geek, GHacks, etc., but still no luck. Making basic rules seems simple enough but I am missing something. I know I could use a 3rd party app but I wish to learn how to do this within the native Windows environment and I don't want or need a bunch of notifications. Any help is appreciated.
 
Reactions: BryanB and Nestor

TairikuOkami

Level 21
Content Creator
Verified
Unless you use store and other Windows stuff, like Cortana, there is no need to allow any Windows app, except svchost.exe. It is used for Windows updates, obviously, and as DNS resolver, unless you setup your DNS manually, then every software makes its own DNS requests.

This is, what I would use as a basic template just for the browser and svchost. DNS servers being: 156.154.70.2,156.154.71.2
Code:
netsh advfirewall firewall add rule name="Svchost DNS" dir=out action=allow protocol=UDP remoteip=156.154.70.2,156.154.71.2 remoteport=53 program="%WINDIR%\System32\svchost.exe"
netsh advfirewall firewall add rule name="Svchost TCP" dir=out action=allow protocol=TCP remoteport=80,443 program="%WINDIR%\System32\svchost.exe"
netsh advfirewall firewall add rule name="Yandex DNS" dir=out action=allow protocol=UDP remoteip=156.154.70.2,156.154.71.2 remoteport=53 program="Z:\Yandex\YandexBrowser\Application\browser.exe"
netsh advfirewall firewall add rule name="Yandex TCP" dir=out action=allow protocol=TCP remoteport=80,443 program="Z:\Yandex\YandexBrowser\Application\browser.exe"
EDIT: LiveTcpUdpWatch is essential, I would not be able to create any rules without it, it shows everything, what others like currports fail to see.
 

oldschool

Level 23
Verified
Thanks, but coding is way above my pay grade! :) I'm only willing to use the WF GUI. Is there another way? :emoji_thinking:
 
Reactions: BryanB

oldschool

Level 23
Verified
@Umbra & @TairikuOkami - I'm using TinyWall now, which I really like, so don't need the other apps. I'm challenging myself to try the WF UI, in case TW becomes unusable in the future, Windows changes, etc. What processes would I need to make rules for? Any besides Scvhost?
 
Reactions: BryanB

Local Host

Level 12
What you looking for is the Edge Content Process, is the only Edge Process you need to allow for Edge to work (as a browser).

Is around "C:\windows\systemapps\microsoft.microsoftedge_8wekyb3d8bbwe\microsoftedgecp.exe".

There are two other processes related to Edge (but you won't need to allow these two),

"C:\windows\system32\microsoftedgesh.exe"
"C:\windows\systemapps\microsoft.microsoftedge_8wekyb3d8bbwe\microsoftedge.exe"

Also svchost is unrelated to the browser and you'll need to allow more than svchost for Windows to work properly, like the backgroundtaskhost and taskhostw.

As a suggestion would be a good idea to allow the smartscreen as well.
 
Last edited:

oldschool

Level 23
Verified
What you looking for is the Edge Content Process, is the only Edge Process you need to allow for Edge to work (as a browser).

Is around "C:\windows\systemapps\microsoft.microsoftedge_8wekyb3d8bbwe\microsoftedgecp.exe".

There are two other processes related to Edge (but you won't need to allow these two),

"C:\windows\system32\microsoftedgesh.exe"
"C:\windows\systemapps\microsoft.microsoftedge_8wekyb3d8bbwe\microsoftedge.exe"

Also svchost is unrelated to the browser and you'll need to allow more than svchost for Windows to work properly, like the backgroundtaskhost and taskhostw.

As a suggestion would be a good idea to allow the smartscreen as well.

Thanks so much. I included the one Edge Process in my rule so I must have done something wrong :rolleyes: but I will continue with the help offered so far. As @RoboMan told me, "You have to break in order to fix." :)
 
Reactions: RoboMan and BryanB