none
how do i block web sites one my windows 8 pc

    Question

  • Hello there I cant seam to figure out how to block web sites on my windows 8 pc. and windows rt tablet.  what is the best way to block content with out making up an administrator and with out download additional ap/ program.   I am trying to block some site on my company work computers
    Sunday, November 25, 2012 12:10 AM

Answers

  • Realistically, if you grant your users Adminstrative privileges (which I personally think is a Good Thing), then a desire to completely control their behavior is a basic disconnect, and the surfing of inappropriate sites is really a management problem, not a technical one.

    In cases where you want to affect the behavior of the masses and achieve your goal substantially, my suggestion was and is to repeatedly push hosts files to their computers (e.g., every night).  Doing it in your DNS server isn't a bad idea either.

    Thus it doesn't become impossible for a user to surf to a site that's blocked, but it becomes less convenient for the bunch of them to do it, so the problem is reduced.  Those who really know what they're doing will get around anything you choose to do, and the rest will just do what's convenient.

    Any time IT takes draconian measures, and especially if they're not responsive to user requests for exceptions, you create a sucky work environment.  It's not hard to imagine IT completely blocking a site from which a particular user might actually need some important piece of information, for work-related purposes.  That you've already decided to trust users with Administrative privileges says that you're not fostering that kind of work environment, and I encourage you to continue.

    You really don't want to get into a situation where your users decide that to get their work done they need to shut you out.  Instead, keep in mind you're working to facilitate their work, and so they need to regard you as helpful, not hurtful.

    -Noel


    Detailed how-to in my eBooks:  

    Configure The Windows 7 "To Work" Options
    Configure The Windows 8 "To Work" Options


    Monday, November 26, 2012 6:08 PM

All replies

  • Why you want to block website?

    If the website contains Malware, you could go to tools and Safety and then Report Unsafe website and report it.

    If you want block website for another account , you could use parental control.

    Another way is to add the website in the Windows Host file and redirect it to undefined address.

    Sunday, November 25, 2012 2:40 AM
  • The web sites that my employees are visiting  do not contain any malware.  there are just spending to much time on inappropriate sites.  and I would like to block them from these sites.  without taking away administrative power from them. 

    for this windows host file how do I get to it?  because it seams that would be the best for me to us.  I thank you for your suggestions

    Sunday, November 25, 2012 5:47 AM
  • On Sun, 25 Nov 2012 05:47:36 +0000, egor9z wrote:

    The web sites that my employees are visiting? do not contain any malware.? there are just spending to much time on inappropriate sites.? and I would like to block them from these sites.? without taking away administrative power from them.

    If your users are local administrators then there is nothing you can
    configure that they won't be able to undo.


    Paul Adare
    MVP - Forefront Identity Manager
    http://www.identit.ca
    The attention span of a computer is only as long as its power cord.

    Sunday, November 25, 2012 8:02 AM
  • you can use proxy server for this purpose. 

    Jiri Cvrk, proud Windows M8nkey Edition user

    Sunday, November 25, 2012 8:12 AM
  • I'm not sure what you mean by "with out making up an administrator", but to make substantive changes on a computer to do things like block web sites users would normally need at least momentary administrative access. 

    One of the essential "To Work" layers of extra security I like to add to my systems is to add items to the hosts file Windows uses that cause accesses to named web servers to be redirected to the localhost (127.0.0.1) - essentially blocking them.  I found a great web site where they've compiled a big list of what they call "parasites".

    http://winhelp2002.mvps.org/hosts.htm

    Adding their information to your hosts file will instantly block all kinds of malicious, ad, tracking, and otherwise predatory web sites.  And of course you could add your own.

    If they're local administrators, as has been said above there's little you can do to block them, but you could still push hosts file updates to their computers regularly.

      

    -Noel


    Detailed how-to in my eBooks:  

    Configure The Windows 7 "To Work" Options
    Configure The Windows 8 "To Work" Options

    Sunday, November 25, 2012 1:52 PM
  • As it is a work network, you can specify DNS on your DHCP server, add 127.0.0.1 and the address into the work DNS server.
    Monday, November 26, 2012 12:41 PM
  • On Mon, 26 Nov 2012 12:41:56 +0000, Dave Jukes wrote:

    As it is a work network, you can specify DNS on your DHCP server, add 127.0.0.1 and the address into the work DNS server.

    If the users are local admins on their laptops this still isn't going to work as they can simply point to an external DNS server.

    As long as the users are local admins the only real solution is to ensure that you have control over any route from the internal network to the Internet and then control access at that point. As Jiri pointed out a proxy server would fit the bill but you'd need to ensure that there is no way to bypass the proxy.


    Paul Adare
    MVP - Forefront Identity Manager
    http://www.identit.ca
    I must have slipped a disk; my pack hurts.

    Monday, November 26, 2012 1:56 PM
  • Realistically, if you grant your users Adminstrative privileges (which I personally think is a Good Thing), then a desire to completely control their behavior is a basic disconnect, and the surfing of inappropriate sites is really a management problem, not a technical one.

    In cases where you want to affect the behavior of the masses and achieve your goal substantially, my suggestion was and is to repeatedly push hosts files to their computers (e.g., every night).  Doing it in your DNS server isn't a bad idea either.

    Thus it doesn't become impossible for a user to surf to a site that's blocked, but it becomes less convenient for the bunch of them to do it, so the problem is reduced.  Those who really know what they're doing will get around anything you choose to do, and the rest will just do what's convenient.

    Any time IT takes draconian measures, and especially if they're not responsive to user requests for exceptions, you create a sucky work environment.  It's not hard to imagine IT completely blocking a site from which a particular user might actually need some important piece of information, for work-related purposes.  That you've already decided to trust users with Administrative privileges says that you're not fostering that kind of work environment, and I encourage you to continue.

    You really don't want to get into a situation where your users decide that to get their work done they need to shut you out.  Instead, keep in mind you're working to facilitate their work, and so they need to regard you as helpful, not hurtful.

    -Noel


    Detailed how-to in my eBooks:  

    Configure The Windows 7 "To Work" Options
    Configure The Windows 8 "To Work" Options


    Monday, November 26, 2012 6:08 PM