How to Create Advanced Firewall Rules Using Windows Firewall

Firewall is an important and necessary tool to protect us from the unsecure Internet. Most of the modern OSes come with a built-in firewall, but the problem is that few people know of its existence and only a few know how to configure it.

Windows is no different. By default, it comes with a decent built-in firewall which is capable of controlling all the incoming and outgoing traffic. This built-in Windows firewall is a bit clunky with a not-so-friendly user interface and complex rules, though it does gives you plenty of control on overall rules like blocking, restricting, whitelisting, etc. In this article, we are going to show you how to create advanced firewall rules in Windows firewall to block an application from accessing the Internet.

To create an advanced firewall rule in Windows firewall, you need access to the Windows advanced firewall settings. Press “Win + X” and select “Control Panel” from the power user menu.

create-firewall-rules-select-control-panel

Here in the control panel, scroll down and select the option “Windows Firewall.” Make sure that you set your “View by” as small or large icons.

create-firewall-rules-select-win-firewall

The above action opens Windows firewall settings. Click “Advanced Settings” link on the left pane. Here in the advanced firewall settings window, you can see the rules set to all the inbound and outbound connections.

create-firewall-rules-advanced-settings

Now to block an application from accessing the Internet, you can create an outbound rule set to block any outgoing connections from that application. To do that, select the link “New Rule” under the actions tab on the right pane.

create-firewall-rules-select-new-rule

The above action will open the “New outbound rule wizard” window. Since we are blocking a program from accessing the Internet, select the radio button “program” and click on the “Next” button.

create-firewall-rules-select-radio-button-program

In the next window, select “All programs” if you want to block all the programs from accessing the Internet. If not, select the radio button “This program path,” click on the Browse button and select the program you want to block. Now click on the “Next” button to continue. In my case, I want to block all the outbound connections generated by the Opera browser.

create-firewall-rules-select-program

Here in this window, you will have three options; you can either “allow all the outbound connections” or “only if it is secure,” or you can “block all the outbound connections.” Since we want to block all the outbound connections, select the radio button “Block the connection” and click on the “Next” button.

create-firewall-rules-block-connection

Now you need to select a profile to which this rule should apply. You can either select all the profiles or a specific profile to apply the rule. For example, if you want the program to be blocked when you are using public Internet connections (like Public-WiFi), then just select the profile “Public.” If you want to block the program entirely, then select all three profiles. Once you have selected the profiles, click on the “Next” button to continue.

create-firewall-rules-select-profile

Here in the name screen, enter the name and description of the rule for future reference. Click on the “Finish” button to complete the process of creating a rule in the Windows firewall.

create-firewall-rules-set-name

Once the rule is created, you can see that rule in the “Windows firewall with advanced security” window.

create-firewall-rules-firewall-rule-created

From this point forward, the application or program you blocked in the Windows firewall can no longer access the Internet. In my case, Opera browser cannot access the Internet unless I change or disable the rule in the Windows firewall settings.

create-firewall-rules-opera-blocked

If you ever want to disable, modify or delete the rule, just right click on that specific rule and select the appropriate option.

create-firewall-rules-modify-firewall-rule

It is that easy to create a rule to block a program and this same procedure applies to the inbound rules. Besides blocking a program, you can restrict ports, port range, protocols, IP addresses, etc., and you can even create more advanced and custom rules for your applications and needs.

Windows firewall is pretty advanced and it may take some time to get around. The good thing is, once you worked out how it works, you can get it to block any application the way you want it to.

Do comment below if you have any problems while setting up the rules or to share your thoughts and experiences on Windows Firewall.

8 comments

  1. Great to know about such nifty tools.
    Nice to read the article.

    Is it possible to block Internet connectivity to all the application except the Google chrome.

    Thanks.

    • I haven’t tried this, but try changing your firewall profiles settings to block all unallowed connections and create a new rule allowing Google Chrome.

      • Thanks Krishna for your reply.
        I had tried this too. Even if I over-ride the for allowing google chrome, the Internet is not working.

        I am trying to implement this to the scenarios where you have limited bandwidth and its been utilized by other applications & updates instead of the browser.

        Thanks again for the reply.

        • May be you’ve tried blocking all the applications by creating a new rule and then again created a rule to allow Google Chrome. If that’s the case then it doesn’t work that way.

          Sorry for not being clear in my earlier comment. What I meant to say is, change your Windows firewall profile (Domain or Private or Public) settings to block all the outbound connections except the whitelisted ones. Once you’ve done that, whitelist your Chrome browser.

          • Thanks Krishna. That worked. I have been searching for this since long time.

            Thanks once again for taking you time to reply.

            Cheers.

  2. Hi Krishna

    Thanks very much for the explanation it was quite helpfull till an extend. Till know i am able to block all programs from accessing the internet but i am still not able to allow only firefox to acces the internet. please can you give more details on this. thanks in advance.

Comments are closed.

Sponsored Stories