A firewall is a crucial security layer that monitors network traffic and protects it from unsolicited threats and attacks. To strengthen network security, users can manually configure the firewall to prevent a program from using the network.
The most common way to block a program in a firewall is by setting inbound and outbound rules. Windows Defender Firewall, the built-in host-based firewall, manages all these configurations on Windows. It also lets you choose the programs you want to restrict from communicating through the firewall.
Today’s article discusses how you can block a program in a firewall using various graphical and CLI utilities.
Ways to Block a Program in Firewall
On Windows, there are graphical as well as command-line options for blocking a program in the firewall. Generally, the firewall is configured manually from the Windows Defender settings. However, the same configuration changes can also be made with commands from the Command Prompt and PowerShell.
Block Programs on Public and Private Networks
From the firewall settings of Windows, you can restrict communication of a program through the Firewall. Furthermore, you can even assign a network (public or private) that can be used by the application.
- Press Windows Key + R to launch Run.
- Type firewall.cpl and hit Enter.
- On the left panel of the Windows Firewall window, click on Allow an app or feature through Windows Firewall.
- Click on the Change Settings button.
- Uncheck the programs you want to stop from communicating through the firewall.
- Click on OK to save the changes.
Block Incoming Programs on Firewall
Users can also block incoming connections for all programs, including those listed under Allowed apps. This is done to enhance the security of the connection. After doing this, you remain connected to the internet, but no app will receive incoming traffic.
- Press Windows Key + R to launch Run.
- Type firewall.cpl and hit Enter.
- Click on Change notification settings from the left panel.
- Click on Block all incoming connections, including those in the list of allowed apps. Do this in both the Public and Private network settings section.
- Finally, click on OK to save the firewall configurations.
Create a Firewall Rule
On Windows, you can add two kinds of control to the firewall: inbound rules and outbound rules. Inbound rules can be used to block internet traffic from unknown sources and restrict malicious programs from getting access to the network. Similarly, outbound rules can be used to restrict selected programs from sending traffic out through the firewall.
- Press Windows Key + R, type firewall.cpl, and hit Enter.
- From the left section of the Windows Defender Firewall window, go to Advanced settings.
- Click on Inbound Rules.
- From the Actions panel, click on the New Rule button.
- Choose the Program option in the Rule type step and click on Next.
- You will now be asked to choose the file path for the application you want to block. Click on Browse and select the path to the application’s executable file.
- Click on Next.
- Choose the Block the connection option and click on Next.
- Select the network type (Domain, Private or Public) to which you want to apply the inbound rule.
- Give an appropriate name for the rule so you can find it easily next time you want to modify or delete it.
- Finally, click on Finish.
- Now, go to the Outbound Rules and set the firewall rules following the same steps you performed earlier.
Using Command Prompt
On the Command Prompt, you can use the netsh command-line utility to configure network settings. It is also possible to run netsh from a batch file to modify your network configuration. Here’s how you can use this utility to block a program in the firewall.
- Press Windows Key + X and open Terminal (Admin).
- Now, execute this command to block the desired program. Replace the values inside the quotation marks with the rule name and the full path to the executable of the program you want to block. We have used Chrome, at its default install path, in this command for your reference.
netsh advfirewall firewall add rule name="Chrome" dir=in action=block program="C:\Program Files\Google\Chrome\Application\chrome.exe" enable=yes
This command sets an inbound rule that blocks the Chrome browser from using traffic received by the computer. Because it is an inbound rule, it does not stop Chrome from opening outgoing connections; that needs a matching outbound rule, as in the previous section.
Using PowerShell
PowerShell has a cmdlet similar to the netsh utility, which can be used to block a program in the firewall.
- Press Windows Key + R, type powershell, and hit Enter.
- Execute this command in PowerShell. Replace the name of the program and its file path with your preferred one. We have used the Chrome browser, at its default install path, in this command for your reference.
New-NetFirewallRule -DisplayName "Chrome" -Direction Outbound -Program "C:\Program Files\Google\Chrome\Application\chrome.exe" -Action Block
Executing this command adds an outbound rule to the firewall for all network profiles (Domain, Private and Public) and prevents the Chrome browser from accessing the internet.
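The inbound and outbound rules from the "Create a Firewall Rule" steps can be scripted together and then read back to confirm what the firewall stored. This is an added example, not code from the original article; the function name Block-ProgramInFirewall, the rule-name suffix and the sample path (Chrome's default install location) are assumptions, and it needs an elevated PowerShell session.

```powershell
#Requires -RunAsAdministrator
# Added example (not from the article): block one executable in both
# directions, then read the rules back to confirm what was stored.
function Block-ProgramInFirewall {   # hypothetical helper name
    [CmdletBinding()]
    param(
        [Parameter(Mandatory)] [string] $ProgramPath,  # full path to the .exe
        [Parameter(Mandatory)] [string] $RuleName      # base display name
    )

    # Validate the path first: a rule for a mistyped path would never
    # match the program it was meant to block.
    if (-not (Test-Path -LiteralPath $ProgramPath -PathType Leaf)) {
        throw "Executable not found: $ProgramPath"
    }
    $fullPath = (Resolve-Path -LiteralPath $ProgramPath).Path

    $names = foreach ($direction in 'Inbound', 'Outbound') {
        $displayName = "$RuleName - block $direction"
        # Display names are not unique, so skip creation when the rule is
        # already present instead of stacking duplicates on every run.
        if (-not (Get-NetFirewallRule -DisplayName $displayName -ErrorAction SilentlyContinue)) {
            New-NetFirewallRule -DisplayName $displayName -Direction $direction `
                -Program $fullPath -Action Block -Profile Any | Out-Null
        }
        $displayName
    }

    # Report each rule together with the program path the firewall recorded.
    foreach ($rule in ($names | ForEach-Object { Get-NetFirewallRule -DisplayName $_ })) {
        [pscustomobject]@{
            DisplayName = $rule.DisplayName
            Direction   = $rule.Direction
            Action      = $rule.Action
            Enabled     = $rule.Enabled
            Program     = ($rule | Get-NetFirewallApplicationFilter).Program
        }
    }
}

# Sample call; the path is Chrome's default install location (assumption).
Block-ProgramInFirewall -RuleName 'Chrome' `
    -ProgramPath 'C:\Program Files\Google\Chrome\Application\chrome.exe'
```

To undo the change, pass each reported display name to Remove-NetFirewallRule -DisplayName.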