When using a PC on the internet, you usually want programs and apps to be connected, so that you can browse the web, to download, play games, receive emails and messages.
This is certainly the case with regular apps, but there are also cases of programs that you do not want to be able to communicate externally, if you are afraid they may transmit private data or if you want to prevent an automatic update.
Usually it is used to block a game to block the multiplayer mode or any check in case the game was not original and regularly purchased.
You can also block programs from accessing the internet if they display annoying advertisements and ads that you want to remove.
You can also use the Windows Firewall to block all potential incoming connections in the wifi networks of bars and restaurants, to be sure that nobody can spy on your computer data.
Regardless of the reason, you can block internet access for a specific program using the Windows Firewall (which is the same in Windows 10 and also Windows 7 and Windows 8.1), creating rules or, simply, removing the permissions from the list.
READ ALSO: Control and management of the Windows Firewall
Create a rule in the Windows Firewall
To create a rule on the Windows firewall, you must first open the advanced firewall interface.
Then open the Control Panel to find the Windows Firewall which in Windows 10 is called Windows Defender Firewall .
In the Firewall window, press on Advanced Settings to open what is called Windows Firewall with advanced security .
The advanced security window is not so simple to use and it is recommended for those who have no experience to follow the procedure of creating the rules step by step to avoid mistakes.
Create Outbound Connection Rules
In the navigation pane on the far left, click on " Outgoing connection rules ".
In the center, many firewall rules will already be displayed to block outgoing connections.
The list will already be very large because, every time an app or program wants to transmit data over the internet, it asks the user for authorization through a window which is usually OK.
It is worth checking the list to see if the program we want to block is present.
In this case, delete the authorization rule that concerns him.
To create a blocking rule, go to the box on the right and click on " New rule ".
In the " New Outbound Connection Rule Wizard ", use the " Program " option and go Next .
In the " Program " screen, select the " program path " option, press Browse and search for the path of the program (which is always an .exe file such as, for example, firefox.exe) that you want to block.
Before pressing Next, stop for a moment to look at the path that in my example is % ProgramFiles% \ Mozilla Firefox \ firefox.exe .
The one among the% symbols is the environmental variable of the programs folder, which should be replaced with the exact path to avoid making mistakes in the following steps.
To do this, when the Browse window opens in search of the exe file to be blocked, press on the path at the top and make the copy.
Then go back to the Firewall and in the path box paste the copied one, which will be C: \ Program Files \ Mozilla Firefox and add firefox.exe.
Eventually it will be C: \ Program Files \ Mozilla Firefox \ firefox.exe .
Bear in mind, moreover, that to block a program you do not always have to select its exe file, which can only be the launch file.
For example, a game like Minecraft can be stopped by selecting not the minecraft.exe file, but the Javaw.exe file instead.
This however is an infrequent case.
Going on after selecting the path, you get to the " Operation " tab.
Here select the option " Block connection " and go next .
Continuing the wizard,
In the "Profile" screen you are asked to select when to apply the rule, with three options:
- Domain : the rule applies when a computer is connected to a domain.
- Private : the rule applies when a computer is connected to a private network, such as the home or small business network.
- Public : the rule applies when a computer is connected to a public network, for example the wifi of a bar or hotel.
From the guide on How to set up the private or public network in Windows, we say that the home network is private, trusted and protected by the proprietary router, the bar's wifi network is public, because anyone can access it and you do not have control over the router which can also register connections.
In case you want to protect a program from connecting to public wifi, mark Public, otherwise, if you want to block in any case, apply it to all networks, both private and public and Domain.
The final step is to give the rule a name, where it is important to make it recognizable (for example, Block Firefox ).
A new entry will have been included in the list of outbound connection rules and the program (Firefox in this example) will not be able to access the internet to communicate externally and download data, in a total way.
You can also refine the rule and modify it at any time, adding exceptions (for example making sure that the application cannot access the Internet but can connect to another PC on the network).
To do this, on the first tab that of the Type of rule, choose Custom (here, however, you need to be a little expert and know the differences between network protocols).
Create Inbound Connection Rules
The same procedure seen above can be done by selecting the rules for incoming connections from the side menu of the Windows Firewall with advanced security window.
The difference between inbound and outbound connections is as follows:
The inbound firewall rule blocks or allows other systems to connect to our PC, for example, Windows file sharing, ftp, web server, etc.
Outbound rules allow system applications to connect to other systems which are, for example, a website, a message or a file download.
Typically, incoming rules are not used on the home PC, but are used only on secure corporate networks.
You can certainly create an inbound connection rule identical to the outbound one to block a program, but it is almost always superfluous.
Inbound rules can be used with programs such as the Torrent or Emule client, both inbound and outbound traffic must be allowed, for which it always recommends creating a rule that authorizes it.
In case of errors, see here how to restore the Windows Firewall if the connection of a program is blocked .
Alternative and faster way to block one or more programs on the net and on the internet
Without creating rules, you can use the main Windows Firewall window to block a program
Open The Firewall from the Control Panel and then press on Allow apps or features through Windows Firewall
In the list window you can check or uncheck the box next to each item to allow or block it, on private or public networks.
In this case, however, a total block is not created, but the authorization to access the internet for the deselected apps is simply removed.
Block all programs from the incoming connection
There are occasions when it is safer to block all incoming data connections on your computer, for example if you are using the unsecured Wi-Fi connection of an airport, restaurant or hotel, where malware could access your PC.
To disable all incoming connections with Windows Firewall, open the Windows Firewall window and then click on the link on the left Change notification settings .
In Public Network Settings, select Block all incoming connections including those in the list of allowed apps and press OK.
With this setting enabled, you can still browse the web and send emails, even if other programs are blocked.
READ ALSO: Best Free Firewalls for Windows PC
This is certainly the case with regular apps, but there are also cases of programs that you do not want to be able to communicate externally, if you are afraid they may transmit private data or if you want to prevent an automatic update.
Usually it is used to block a game to block the multiplayer mode or any check in case the game was not original and regularly purchased.
You can also block programs from accessing the internet if they display annoying advertisements and ads that you want to remove.
You can also use the Windows Firewall to block all potential incoming connections in the wifi networks of bars and restaurants, to be sure that nobody can spy on your computer data.
Regardless of the reason, you can block internet access for a specific program using the Windows Firewall (which is the same in Windows 10 and also Windows 7 and Windows 8.1), creating rules or, simply, removing the permissions from the list.
READ ALSO: Control and management of the Windows Firewall
Create a rule in the Windows Firewall
To create a rule on the Windows firewall, you must first open the advanced firewall interface.
Then open the Control Panel to find the Windows Firewall which in Windows 10 is called Windows Defender Firewall .
In the Firewall window, press on Advanced Settings to open what is called Windows Firewall with advanced security .
The advanced security window is not so simple to use and it is recommended for those who have no experience to follow the procedure of creating the rules step by step to avoid mistakes.
Create Outbound Connection Rules
In the navigation pane on the far left, click on " Outgoing connection rules ".
In the center, many firewall rules will already be displayed to block outgoing connections.
The list will already be very large because, every time an app or program wants to transmit data over the internet, it asks the user for authorization through a window which is usually OK.
It is worth checking the list to see if the program we want to block is present.
In this case, delete the authorization rule that concerns him.
To create a blocking rule, go to the box on the right and click on " New rule ".
In the " New Outbound Connection Rule Wizard ", use the " Program " option and go Next .
In the " Program " screen, select the " program path " option, press Browse and search for the path of the program (which is always an .exe file such as, for example, firefox.exe) that you want to block.
Before pressing Next, stop for a moment to look at the path that in my example is % ProgramFiles% \ Mozilla Firefox \ firefox.exe .
The one among the% symbols is the environmental variable of the programs folder, which should be replaced with the exact path to avoid making mistakes in the following steps.
To do this, when the Browse window opens in search of the exe file to be blocked, press on the path at the top and make the copy.
Then go back to the Firewall and in the path box paste the copied one, which will be C: \ Program Files \ Mozilla Firefox and add firefox.exe.
Eventually it will be C: \ Program Files \ Mozilla Firefox \ firefox.exe .
Bear in mind, moreover, that to block a program you do not always have to select its exe file, which can only be the launch file.
For example, a game like Minecraft can be stopped by selecting not the minecraft.exe file, but the Javaw.exe file instead.
This however is an infrequent case.
Going on after selecting the path, you get to the " Operation " tab.
Here select the option " Block connection " and go next .
Continuing the wizard,
In the "Profile" screen you are asked to select when to apply the rule, with three options:
- Domain : the rule applies when a computer is connected to a domain.
- Private : the rule applies when a computer is connected to a private network, such as the home or small business network.
- Public : the rule applies when a computer is connected to a public network, for example the wifi of a bar or hotel.
From the guide on How to set up the private or public network in Windows, we say that the home network is private, trusted and protected by the proprietary router, the bar's wifi network is public, because anyone can access it and you do not have control over the router which can also register connections.
In case you want to protect a program from connecting to public wifi, mark Public, otherwise, if you want to block in any case, apply it to all networks, both private and public and Domain.
The final step is to give the rule a name, where it is important to make it recognizable (for example, Block Firefox ).
A new entry will have been included in the list of outbound connection rules and the program (Firefox in this example) will not be able to access the internet to communicate externally and download data, in a total way.
You can also refine the rule and modify it at any time, adding exceptions (for example making sure that the application cannot access the Internet but can connect to another PC on the network).
To do this, on the first tab that of the Type of rule, choose Custom (here, however, you need to be a little expert and know the differences between network protocols).
Create Inbound Connection Rules
The same procedure seen above can be done by selecting the rules for incoming connections from the side menu of the Windows Firewall with advanced security window.
The difference between inbound and outbound connections is as follows:
The inbound firewall rule blocks or allows other systems to connect to our PC, for example, Windows file sharing, ftp, web server, etc.
Outbound rules allow system applications to connect to other systems which are, for example, a website, a message or a file download.
Typically, incoming rules are not used on the home PC, but are used only on secure corporate networks.
You can certainly create an inbound connection rule identical to the outbound one to block a program, but it is almost always superfluous.
Inbound rules can be used with programs such as the Torrent or Emule client, both inbound and outbound traffic must be allowed, for which it always recommends creating a rule that authorizes it.
In case of errors, see here how to restore the Windows Firewall if the connection of a program is blocked .
Alternative and faster way to block one or more programs on the net and on the internet
Without creating rules, you can use the main Windows Firewall window to block a program
Open The Firewall from the Control Panel and then press on Allow apps or features through Windows Firewall
In the list window you can check or uncheck the box next to each item to allow or block it, on private or public networks.
In this case, however, a total block is not created, but the authorization to access the internet for the deselected apps is simply removed.
Block all programs from the incoming connection
There are occasions when it is safer to block all incoming data connections on your computer, for example if you are using the unsecured Wi-Fi connection of an airport, restaurant or hotel, where malware could access your PC.
To disable all incoming connections with Windows Firewall, open the Windows Firewall window and then click on the link on the left Change notification settings .
In Public Network Settings, select Block all incoming connections including those in the list of allowed apps and press OK.
With this setting enabled, you can still browse the web and send emails, even if other programs are blocked.
READ ALSO: Best Free Firewalls for Windows PC
