Block Host

I am trying to block a domain, as an example,

I go to

  1. network control rules
  2. go to general
  3. action set to “BLOCK”
  4. create an alert if this rule is fired “CHECK MARKED”
  5. protocol set to “TCP or UDP”
  6. direction st to “IN/OUT”
  7. exclude “NOT CHECKED”
    eight) radio button set to “HOST NAME”
  8. I put in in “NAME”

I hit “OK” and my Browser (IE6) still goes to “” and I do not get alerted.

What am I doing wrong?

Try this:


Thanks for your response. Why is it so difficult? I just want to block my computer to block a website. I should just be able to enter a website (or IP) to block, simple! Make it simple! I wonder if software engineers take in consideration the simple user? It is easier just to use my host file.

I agree. Blocking websites isn’t really supposed to be part of a firewall’s function. Suppose someone wanted to block a bunch of websites or ads’ urls - they’d have to create just that many Network Monitor rules in CFP. That wouldn’t be a practical method. That’s why it’s better to leave blocking sites to your browser.

What I am trying to say is, the object of a Firewall is to block or allow my computer to access a site/ip addy, that is all. Why must I need to read a tech manual to figure out how to use a piece of software (granted, free)? Keep in mind, I am a Security Systems Analyst (homeland security-type systems). Your everyday “Joe/Jane” uses the software. If there were a charge, I wouldn’t buy Comodo.


Here you can read how a firewall works:

I don’t find anything that says they work by blocking websites(when I fast-read it).
We got the host file that does the job, why would we need a firewall to do it?
Host file is the easiest way to do it.

I remember ZA ISS had some feature like this, except it only blocked sites that it thought was bad, the user couldn’t add or remove(when I used it). It’s like Spybots host file blocking.

The primary object of a firewall is to prevent hackers and give you the power to control what’s allowed to access the Internet, and what’s not.


Good gosh, that means blocking a website/ip…your computer contacting the hackers machine. THAT, my friend, is EXACTLY what the purpose of a firewall is. So, I am not getting what you are saying.

Sorry, I agree that I did a bad explanation.
It’s because English isn’t my mother tongue, so I can’t explain as good as in Swedish.

What I meant was, the firewall is supposted to give you control over which IP-adresses that an application communicates with, but it’s not meant to block websites/IP/host(by defualt that’s not the primary object). At least not for the average users that hardly knows anything about IP-adresses.
More advanced users can do it with CPF if you have it to display an alert for every IP that an application communicates with, which might be a lot, and most of the users get really confused with about 5-10 alerts at the same time.

Hope you understand what I mean.


P.S Sorry for my bad explanations in English D.S

DataAve, I don’t really see anything wrong with the rule you created in your first post, except possibly the order.

CFP NetMon filters from the top downward. So for your rule to work, it has to be above/before any other rule that might allow the traffic (in other words, a more general rule).

I would suggest separating In and Out into separate rules. This way your In has the Source IP: Host: and your Out has the Destination IP: Host:

When making changes to existing rulesets or current connections, it is a good idea to clear the FW memory to make sure the rules set, before trying them. You may either Exit the FW from systray icon, wait a few seconds and restart from desktop icon, or reboot (reboot guarantees results).

I’ve used this methodology very successfully.

A firewall is a hardware or software device which is configured to permit, deny, or proxy data through a computer network which has different levels of trust.
From the WIKI-link ..

That is EXACTLY what the OP is trying to do …
to block a IP/Hostname with Comodo you need 2 rules : one for in and one for out .
There is a topic explaining the procedure somewnere in FAQ-section.
That being said, Comodo isn’t really designed for doing this in an easy way.
If you want to block IP’s it’s a lot easier to use something like PeerGuardian2 or
ProtoWall as those apps are specifically designed to do just that…

DataAve, I don't really see anything wrong with the rule you created in your first post, except possibly the order.

It just doesn’t work.

Why not just use the “hosts” file to block it? Hostsman or HostsXpert are great for managing your hosts file.


use altavista for test, comodo blocks as a charme,

google does come back with several ips, so ya need block each ip, or a range.

and yeah a firewall is for blocking ips, not hostnames which need a DNS resolve outside which could be a risk …

comodo blocks perfect IN and OUT


PS: dont forget nt service DNS cache and browsercache …