Block websites by url [Resolved]


Just installed Comodo Personal Firewall, so still getting to know it.

One question (I’ve searched the forum but not found anything) is it possible to block websites by url?
I guess it would be a Network Rule, but I’ve tried a couple of variations and cannot get it to work.


I don’t think it is possible to block a site by its URL. But you could block the site by blocking the site’s hostname TCP Out at port 80.
This may already be in the feature request list, however. :smiley:

I just did a quick test and you can block a site by name.

The rule parameters are as follows;

Action : Block
Direction : In/Out
Source : Your LAN Zone or individual IP
Remote - Host :
Protocol : Any

To make this rule work, I had to move it ABOVE the default ALLOW-IN-ZONE-ANY-ANY rule. If it was below this rule in the list the named site would not be blocked because it would be a valid response to an originating request. If the BLOCK rule is moved above the default rule, only the named site is blocked, other sites can still be accessed.

Have a crack and see if this works for you.

Hope this helps,
Ewen :slight_smile:
(WCF3) (WCF3) (WCF3)

Not that I didn’t believe Panic but I had to try it for myself, and it works :o

I didn’t believe me either so I tested. :wink:

This will block every port matching the hostname specified.
If you only want to block HTTP and HTTPs (Web access - if it’s not on a custom port), make two rules, one for TCP OUT 80 and one for TCP OUT 443.
Have Fun! :slight_smile:

Thanks memo. So the rule parameters to block a site by URL should be as follows;

Action : Block
Direction : In/Out
Source : Your LAN Zone or individual IP
Remote - Host :
Source Port : Any
Remote Port - A set of ports :80,443

Are these correct? Sorry, can’t test myself at the mo, on a very controlled LAN.

Ewen :slight_smile:

It won’t work with any Sock-Type connection.

*. Only valid at Direct Connection!
*. …even tried using IP, instead of TCP/UDP


Egemen’s answer the question at this post:,193.msg5505.html#msg5505

*. …guess there’s no cure for the “dynamic-tunnel”, then.