Expected/desired behavior would be complete system wide blocking access to connecting to the website to any app/program, but no blocking is happening because I can access the website via a web browser.
I’m recently coming from Windows 8.1 x64 running Comodo Firewall 8.4.0.5165 and this blocking feature via Network Zones was working as stated before. I was able to just simply add “www.internetdownloadmanager.com” w/ Host Name type and there would be a complete system wide block to that website, and almost instantly access was denied within a web browser as a test.
This feature is very useful to me and was much faster than editing the Windows hosts file. Previously, I was actually able to create a New Network Zone under NETWORK ZONES, which is an allowed zone, with all the websites I wish to block as type Host Name listed within it, and then go under BLOCKED ZONES and simply add that created network zone with all the containing websites to set the system wide block. This was useful because if/when I wanted to temporarily access a blocked website, I could just quickly remove the network zone from BLOCKED ZONES but then easily add the saved zone that already contains all the websites right back to being blocked.
I found this following topic that’s similar but relating to blocking websites via Website Filtering (which is not enough for me if it only blocks web browsers and not complete system wide) and that it’s supposedly a known problem that would be resolved with CIS beta 2025. But I’m having my problem blocking websites via network zones with COMODO Firewall 12.3.4.8162 2025…
Can anyone please help confirm if this is a problem on my end, or the network zone blocking no longer functions as that old version, or it should still function as stated but there’s a bug with this version?
Thank you!
Can’t comment on comodo’s ability, but can say this action does work well editing your MS hosts file via notepad ++.
Just rem it out, by setting it to loopback, with one line per entry > 127.0.0.1 internet-address goes here.
Though it wouldn’t be zones, just individual web addresses.
Advantage is you can comment and organize your hosts file as you see fit.
Anyway, another way to ‘skin the cat’, if you can’t get working via comodo.
It doesn’t work with website addresses, that’s what website filtering is for and even then it only works with Firefox.
Go to Website filtering, add a category and website. you can use * ____ * wildcards for part of an address line. You then need to go into Block Sites rule and then add that category to the list. It’s a bit longwinded and probably just easier editing your hosts file with the websites you want to block or use a browser extension.
So then the latest version no longer functions as that old version, because the old version was certainly able to network zone block websites, at least with Host Name converted to IP, whether it was intended for such purpose or not. It’s unfortunate the latest version cannot network block websites converted to IP, as you would think adding an IP (of a website) to the block zone would block access to it, but doesn’t…
That old version had the Website Filtering feature too, but blocking websites/IP via Network Zones still worked.
And as of now based on the current capability of the Website Filtering feature, it is ultimately useless. It’s really for parental controls and it only works with one web browser… There are so many web browsers, and forks, and portables, that this feature will likely never cover, so it completely fails at parental controls. It would be ideal if the Website Filtering feature stayed as is but actually blocked websites via a network zone blocking policy behind the scenes. That way by default all browsers would be covered because blocking would be system wide, and that would be more effective parental controls in blocking complete access to websites.
I would say Comodo has and caters to advanced users. And having the advanced option to completely block websites system wide, where a user can allow a program to run and function with an allowed connection via Firewall Application Rules, but also block access to “phone home” via Website Filtering w/ Network Zone Blocking, would be for an advanced user.
But my only option now is to edit the Hosts file.
The alternative is to add the IP address as a block rule in Windows Firewall as that runs along side CFW unless you disable it but they don’t conflict with each other. Thinking about it, it might be either the firewall rule for the browser that’s allowing the connection so you may just need to create a firewall rule so it’s not automatically allowed connections.
