The firewall can be used to block websites, certain applications, specific IP addresses, and even ports. This is achieved by configuring the Windows Firewall to block or allow incoming or outgoing packets by filtering each one. In this post, we discuss how you can use Windows Firewall to configure website filtering, IP filtering, application filtering, and port filtering. This can be done using the Firewall itself and through Windows PowerShell. But before we do, let us discuss what exactly Windows Firewall is, how it works, and who needs to configure it.

What is Windows Firewall

Windows Firewall, or Windows Defender Firewall, is a Microsoft software application built into the operating system. It filters the incoming and outgoing data packets that travel between your system and the network, whether wireless or wired.


By default, the Windows Firewall is enabled and configured to allow all sorts of traffic to come or go from your PC. However, you can alter its settings to apply filters and block the packets. Each packet contains a header and a payload. The header has both the destination and the source IP addresses, amongst other information. Windows Firewall filters the traffic using these IP addresses, port information, and other data by examining each packet. If the firewall finds a rule to block or allow the traffic for a certain app, IP address, website, or port, then it performs the respective action on those respective packets, which is how the filtration process works.

Who Needs to Configure Windows Firewall

Applying new rules to Windows Firewall doesn’t need to be done by every user. Depending on what your requirements are, you can configure the firewall accordingly. Most home users do not need to perform any actions on the firewall if it is for personal use. However, if their children are also using the same computer, then they can block prohibited apps and websites from being accessed. If you work inside an organization, then the Windows Firewall can be configured to block employees from accessing social media websites, or other unproductive online content. If you work on a system where all data is configured to be blocked through Windows Firewall, then you can add a rule to allow only certain types of traffic to pass through, while blocking all others. Before you start configuring the firewall, consider the associated pros and cons.

Pros and Cons of Allowing/Blocking Using Windows Firewall

Now that we understand how Windows Firewall works, you must also understand that each packet will be inspected before it is forwarded to its destination, whether it’s inbound traffic or outbound. This means added delay in your network, and it will seem like your internet is (slightly) slow. The firewall will also consume significantly higher system resources while it is inspecting the packets. On the other hand, configuring Windows Firewall also has benefits. You do not need external firewall hardware to filter the network traffic, saving costs. Additionally, configuring the firewall will prevent potential attackers from accessing your PC remotely, keeping your system as well as your data secure. Moreover, you will be prompted when an app or program is trying to access the internet, giving you control over whether or not to permit it. Hence, configuring the integrated firewall enhances your privacy.

How to Block/Allow IP Address or Website/Domain on Windows

The Windows Firewall is unable to filter any packets using URLs. Hence, if you wish to allow or block a website, you must first determine its IP address or range of IP addresses. This limitation makes the method to block an IP address or a website very similar. If you are not sure which IP address(es) you need to block, follow the steps in the given section below to determine the IP address of a domain/website. If you do know which IP address to block, then skip this next section and learn how to allow/block an IP address using either Windows Firewall or PowerShell from the given sections under it.

How to Find the IP Address of Website

You can use either of the following cmdlets in an elevated PowerShell to find the IP address or range of IP addresses for a website/domain. Replace website.com with the domain name. You may now get 1 or more IP addresses in return (both IPv4 and IPv6). Note them down and then continue to the next step to allow or block this website’s IP address(es).

From Windows Firewall

If you know which IP address you wish to block or allow, follow these steps to do so using Windows Firewall: The Windows Firewall will now block the IP address(es) or website. However, since some websites have many different IP addresses rerouting to the destination address, one rule may not completely block the website. Click OK when entered. Note: You can also select This IP address range if you want to allow or block a range of IP addresses, and then fill in the IP address range details in the From and To text fields.

Allow the connection: If you want to allow the IP address(es). This will be used if your default policy is set to block all connections. Block the connection: If you want to block the IP address(es).

Click Next when selected. If it did work, then accessing a blocked website will show you the following statement: If you later want to undo your action by allowing a blocked website/IP address, or blocking an allowed website/IP address, all you need to do is either change the rule you created, disable it temporarily, or simply delete it. To disable or delete the outbound rule, navigate to the Outbound Rules folder inside the Advanced Windows Firewall settings, right-click on the rule, and click either Disable Rule or Delete from the context menu.

Using PowerShell

If you know which IP address you wish to block or allow, follow these steps to do so using Windows PowerShell: Note: These steps show how to create a new rule to allow or block IP address(es). If you wish to change the setting of an existing rule using PowerShell, continue to the section below. A new rule in Windows Firewall will now be created with the custom name you entered. However, the steps above only apply to creating a new rule. If you wish to undo these changes, you either need to use the steps given below that apply to an existing firewall rule, or delete this rule. You can optionally add “/” followed by a subnet mask after the IP address if you want to allow or block the complete subnet.
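The lookup and rule creation described in the two sections above, combined into one added example (not the article's own cmdlets). The function name Block-WebsiteByIp, the rule names and the 203.0.113.0/24 documentation subnet are assumptions; website.com is the article's placeholder domain.

```powershell
# Run in an elevated PowerShell session. Hypothetical helper, not from the article.
function Block-WebsiteByIp {
    [CmdletBinding(SupportsShouldProcess)]
    param(
        [Parameter(Mandatory)] [string] $Domain,      # e.g. website.com
        [Parameter(Mandatory)] [string] $RuleName,    # the custom name of the rule
        [ValidateSet('Allow', 'Block')] [string] $Action = 'Block'
    )

    # Collect every A (IPv4) and AAAA (IPv6) record; CNAME rows carry no address.
    $addresses = Resolve-DnsName -Name $Domain -ErrorAction Stop |
        Where-Object { $_.Type -in 'A', 'AAAA' } |
        Select-Object -ExpandProperty IPAddress |
        Sort-Object -Unique

    if (-not $addresses) {
        throw "No A/AAAA records returned for $Domain; nothing to filter."
    }

    # Refuse to create a second rule with the same display name.
    if (Get-NetFirewallRule -DisplayName $RuleName -ErrorAction SilentlyContinue) {
        throw "A firewall rule named '$RuleName' already exists."
    }

    if ($PSCmdlet.ShouldProcess("$Domain ($($addresses -join ', '))", "$Action outbound")) {
        $rule = New-NetFirewallRule -DisplayName $RuleName -Direction Outbound `
            -Action $Action -RemoteAddress $addresses -Profile Any
        # Name holds the rule's GUID; keep it for later edits or deletion.
        [pscustomobject]@{
            DisplayName   = $rule.DisplayName
            Guid          = $rule.Name
            Action        = $rule.Action
            RemoteAddress = ($rule | Get-NetFirewallAddressFilter).RemoteAddress
        }
    }
}

# Preview first, then apply.
Block-WebsiteByIp -Domain 'website.com' -RuleName 'Block website.com' -WhatIf
Block-WebsiteByIp -Domain 'website.com' -RuleName 'Block website.com'

# A whole subnet can be given directly in address/prefix form.
New-NetFirewallRule -DisplayName 'Block example subnet' -Direction Outbound `
    -Action Block -RemoteAddress '203.0.113.0/24'
```

The rule stores the addresses that DNS returned at creation time, so a site that serves from many or changing addresses is only covered for as long as that list stays current.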

Edit Existing Firewall Rule using PowerShell

To allow a blocked IP address/website for which there is already a firewall rule in place, use this cmdlet: To block an allowed IP address/website for which there is already a firewall rule in place, use this cmdlet:

Delete Firewall Rule using PowerShell

To delete a rule, you need to use the GUID for the firewall rule which we noted earlier when creating the rule. Replace [GUID] with the noted GUID in this cmdlet to delete the associated firewall rule: If you do not have the associated GUID, use the following cmdlet to obtain the GUIDs of all the outbound firewall rules. For inbound rules, replace “outbound” with “inbound.”
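An added walk-through of editing and deleting a rule by its GUID (example code, not the article's own cmdlets). The helper names Set-RuleActionByGuid and Remove-RuleByGuid, the display name and the address 203.0.113.10 are assumptions made for the demonstration.

```powershell
# Run elevated. The display name and 203.0.113.10 (documentation range) are placeholders.
$rule = New-NetFirewallRule -DisplayName 'Demo outbound rule' -Direction Outbound `
    -Action Block -RemoteAddress '203.0.113.10'
$guid = $rule.Name    # New-NetFirewallRule generates a GUID here when -Name is omitted

# Recover GUIDs later: Name is the GUID, DisplayName is the label shown in the GUI.
Get-NetFirewallRule -Direction Outbound |
    Where-Object DisplayName -eq 'Demo outbound rule' |
    Select-Object Name, DisplayName, Action, Enabled

function Set-RuleActionByGuid {
    param(
        [Parameter(Mandatory)] [string] $Guid,
        [Parameter(Mandatory)] [ValidateSet('Allow', 'Block')] [string] $Action
    )
    # -Name targets exactly one rule; -ErrorAction Stop fails loudly on a wrong GUID.
    Set-NetFirewallRule -Name $Guid -Action $Action -ErrorAction Stop
    Get-NetFirewallRule -Name $Guid | Select-Object Name, DisplayName, Action
}

function Remove-RuleByGuid {
    param([Parameter(Mandatory)] [string] $Guid)
    $target = Get-NetFirewallRule -Name $Guid -ErrorAction Stop
    Remove-NetFirewallRule -Name $Guid
    # Confirm the rule is gone and report what was removed.
    $stillThere = [bool](Get-NetFirewallRule -Name $Guid -ErrorAction SilentlyContinue)
    [pscustomobject]@{ Removed = $target.DisplayName; Guid = $Guid; StillPresent = $stillThere }
}

Set-RuleActionByGuid -Guid $guid -Action Allow    # allow a previously blocked address
Set-RuleActionByGuid -Guid $guid -Action Block    # block it again
Remove-RuleByGuid -Guid $guid
```

Display names are not unique, so selecting by GUID avoids changing or deleting several rules that happen to share one label.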

How to Block/Allow Network Ports on Windows

Network ports are used by Windows services and applications to send and receive data over the network. On top of a unique IP address, a port defines what application or service on that particular device to send that information to. You can allow or block these network ports using Windows Firewall as it makes your system safer. Open ports that are listening can be dangerous as they increase the attack surface area for hackers. Blocking a port using a firewall is the same as closing it. Ports can be blocked or allowed using both Windows Firewall and PowerShell.

From Windows Firewall

Follow these steps to block a port from listening or allow it on your computer using Windows Firewall: The specific port will now be allowed to listen on or be blocked, depending on what you selected in Step 5 above.

Allow the connection: If you want to allow the port. This will be used if your default policy is set to block all connections. Block the connection: If you want to block the port.

Click Next when selected. If you feel like removing or disabling this rule in the future, all you need to do is either change the rule you created, disable it temporarily, or simply delete it. To disable or delete the outbound rule, navigate to the Outbound Rules folder inside the Advanced Windows Firewall settings, right-click on the rule, and click either Disable Rule or Delete from the context menu.

Using PowerShell

Follow these steps to block a port from listening or allow it on your computer using Windows PowerShell: A new rule in Windows Firewall will now be created by the custom name you entered to allow/block the network port. However, the steps above only apply to creating a new rule. Replace [CustomName] with a name for the rule, and [Port] with the port that you want to allow or block. Also, replace [ActionToPerform] with either “Allow” or “Block” depending on whether you want to allow or block the port. If you wish to undo these changes, you either need to edit an existing firewall rule or delete it.
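An added example for the port section (not the article's own cmdlet): it lists the ports currently listening, then creates a port rule and reads back the filter that was stored. The function name New-PortRule, the Direction and Protocol parameters and the sample port 8080 are assumptions; CustomName, Port and ActionToPerform mirror the article's placeholders.

```powershell
# Run elevated. Inventory first: which TCP ports are listening, and which process owns them.
Get-NetTCPConnection -State Listen |
    Sort-Object LocalPort -Unique |
    Select-Object LocalPort, LocalAddress, @{
        Name       = 'Process'
        Expression = { (Get-Process -Id $_.OwningProcess -ErrorAction SilentlyContinue).ProcessName }
    }

# Hypothetical helper, not from the article.
function New-PortRule {
    param(
        [Parameter(Mandatory)] [string] $CustomName,
        [Parameter(Mandatory)] [ValidateRange(1, 65535)] [int] $Port,
        [Parameter(Mandatory)] [ValidateSet('Allow', 'Block')] [string] $ActionToPerform,
        [ValidateSet('Inbound', 'Outbound')] [string] $Direction = 'Inbound',
        [ValidateSet('TCP', 'UDP')] [string] $Protocol = 'TCP'
    )

    # Design choice of this example: an inbound rule filters on the local (listening)
    # port, an outbound rule on the remote port the connection is going to.
    $portFilter = if ($Direction -eq 'Inbound') { @{ LocalPort = $Port } }
                  else                          { @{ RemotePort = $Port } }

    $rule = New-NetFirewallRule -DisplayName $CustomName -Direction $Direction `
        -Protocol $Protocol -Action $ActionToPerform @portFilter

    # Read the stored filter back so a typo in the port shows up immediately.
    $stored = $rule | Get-NetFirewallPortFilter
    [pscustomobject]@{
        DisplayName = $rule.DisplayName
        Guid        = $rule.Name
        Direction   = $rule.Direction
        Action      = $rule.Action
        Protocol    = $stored.Protocol
        LocalPort   = $stored.LocalPort
        RemotePort  = $stored.RemotePort
    }
}

# 8080 is a constructed sample port.
New-PortRule -CustomName 'Block inbound TCP 8080' -Port 8080 -ActionToPerform Block
New-PortRule -CustomName 'Block outbound TCP 8080' -Port 8080 -ActionToPerform Block -Direction Outbound
```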

How to Block/Allow Apps or Programs on Windows

You can also block an application or a Windows program from accessing the internet by blocking it through Windows Firewall. This can be done using the advanced Windows Firewall settings, through the “allowed apps” settings in the Control Panel, and using Windows PowerShell.

From Control Panel

Follow these steps to allow or block an app or program using the Control Panel: The application or program will now be allowed or blocked from accessing the network by Windows Firewall. If you want to undo these changes in the future, simply use the checkboxes to allow or disallow them. You should now be able to manage the allowed apps through the checkboxes which were previously grayed out.

From Advanced Firewall Settings

You can also block or allow an app or program from transmitting outbound data using the advanced Windows Firewall settings. Here is how: The application will now be successfully allowed or blocked from accessing the network. However, the app will still run on your computer.

Allow the connection: If you want to allow the app or program. This will be used if your default policy is set to block all connections. Block the connection: If you want to block the app or program.

Click Next when selected. If you feel like removing or disabling this rule in the future, all you need to do is either change the rule you created, disable it temporarily, or simply delete it. To disable or delete the outbound rule, navigate to the Outbound Rules folder inside the Advanced Windows Firewall settings, right-click on the rule, and click either Disable Rule or Delete from the context menu.

Using PowerShell

Follow these steps to create a Windows Firewall rule to allow or block an app using Windows PowerShell: A new rule in Windows Firewall will now be created with the custom name you entered to allow/block the application. However, the steps above only apply to creating a new rule. Replace [CustomName] with a name for the rule, [ActionToPerform] with either “Allow” or “Block” depending on whether you want to allow or block the application, and [ProgramPath] with the complete path for the .EXE file for the program. If you wish to undo these changes, you either need to edit an existing firewall rule or delete it.
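An added example for the application section (not the article's own cmdlet): it validates the executable path before creating the rule, then audits existing program-based block rules for paths that no longer exist. The function name New-ProgramRule and the use of notepad.exe as the sample program are assumptions.

```powershell
# Run elevated. Hypothetical helper, not from the article.
function New-ProgramRule {
    param(
        [Parameter(Mandatory)] [string] $CustomName,
        [Parameter(Mandatory)] [ValidateSet('Allow', 'Block')] [string] $ActionToPerform,
        [Parameter(Mandatory)] [string] $ProgramPath
    )

    # The filter matches the full path, so resolve it and insist on an existing .exe.
    $exe = Get-Item -LiteralPath $ProgramPath -ErrorAction Stop
    if ($exe.PSIsContainer -or $exe.Extension -ne '.exe') {
        throw "'$ProgramPath' is not an .exe file."
    }

    $rule = New-NetFirewallRule -DisplayName $CustomName -Direction Outbound `
        -Program $exe.FullName -Action $ActionToPerform

    [pscustomobject]@{
        DisplayName = $rule.DisplayName
        Guid        = $rule.Name
        Action      = $rule.Action
        Program     = ($rule | Get-NetFirewallApplicationFilter).Program
    }
}

# Constructed sample: stop Notepad from making outbound connections.
New-ProgramRule -CustomName 'Block Notepad outbound' -ActionToPerform Block `
    -ProgramPath "$env:SystemRoot\System32\notepad.exe"

# Audit: enabled outbound Block rules tied to a program, and whether that file still exists.
Get-NetFirewallRule -Direction Outbound -Action Block -Enabled True | ForEach-Object {
    $app = $_ | Get-NetFirewallApplicationFilter
    if ($app.Program -ne 'Any') {
        $path = [Environment]::ExpandEnvironmentVariables($app.Program)
        [pscustomobject]@{
            Rule    = $_.DisplayName
            Program = $app.Program
            Exists  = Test-Path -LiteralPath $path
        }
    }
}
```

A program rule follows the path, not the application: if the executable is reinstalled or copied to a different location, the rule no longer matches it, which is what the Exists column helps to spot.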

Closing Thoughts

The Windows Firewall is a handy tool when it comes to filtering internet traffic on your PC. This is excellent for parents to control what their children can and can’t access. We would also like to add that the methods described in this post can be adapted to your needs. For example, if you want a port to work internally but not communicate over the network, you can create an inbound firewall rule for it instead of an outbound rule.