1. Launch the Windows Settings app.
2. In the left sidebar, select «Network & internet.»
3. Then, Click «Advanced network settings» and choose «Windows Firewall.»
(external link removed by moderator)
4. Select «Advanced settings» from the center bottom.
5. Select «Outbound Rules» from the left sidebar.
6. Select «New Rule» from the right sidebar.
(external link removed by moderator)
7. Select «Program» and then click Next.
8. Browse to the program’s path and then click Next.
9. Choose the «Block the connection» option and then click Next.
(external link removed by moderator)
10. Regardless, select all three choices and then click Next.
11. Fill in the program’s name and description (optional), then click Finish.
If there is an application, software, program or game you wish to block from accessing the internet, you can block the app using Windows Firewall so that no traffic can go in or out of the program. This tutorial will show you how to block a program from connecting to the internet using Windows Defender Firewall in Windows 11.
Also see: How to Know Which App is Using The Internet in Windows 11
Block an app from using the internet with Windows 11 Firewall
To block an app from accessing the internet, we will use Windows Defender Firewall with Advanced Security to set up inbound and outbound rules to block incoming and outgoing connections for the app.
How does it work? – By blocking incoming connections for a program, connections from outside of your computer to that particular program cannot be initiated. Thus, traffic and data cannot flow inward by the program to your computer. In the contrary, by blocking outbound connections for a program, that particular program will not be able to initiate any connection going-out of your computer, thus, blocking the program from sending any traffic or data to the internet.
Follow the steps below to block both incoming and outgoing connections for a program (to completely block the program from connecting to the internet).
- On the Windows desktop screen, go to Start, then search for and open “Windows Defender Firewall with Advanced Security“.
- In the Advanced Security window, on the left pane, click on Inbound Rules.
- On the right pane, click on New Rule (in the “Actions” column).
- In the wizard window, select Program and then click Next.
- Next, under “This program path“, enter the path to the program, or click on Browse to browse to the program you want to block. Click Next to continue.
- On the next screen, select “Block the connection“.
- When prompted for “When does this rule apply”, select the network profile which when connected you want the program to be blocked. If you are not sure, select all three Domain, Private and Public to block the program when you are connected to any of these network profiles.
- Next, enter a name for this rule. It can be any name you like. The name and description is to make it easier for you to identify this rule among the list of all added rules.
- Click Finish to add the rule.
- Then, back to the Advanced Security window, on the left pane, click on Outbound Rules.
- In the “Actions” column, click on New Rule.
- Repeat step 4 to 9 to add an outbound rule to block outgoing connection for the program.
After adding both inbound and outbound rules to block connections to or from a program with Windows Defender Firewall, that program will no longer be able to access the internet.
Block only inbound or outbound connection for a program
Optionally, you can partially block a program by blocking only its inbound or outbound connections depending on what you want to achieve. You can set up only one rule on either of the inbound or outbound rules for a program to block only one way connection instead of both.
For example, if you block only the incoming connections for a program, the program will not be able to receive any traffic from the internet, but it can still send traffic out to the internet.
Windows Defender Firewall need to be turned on in order for this feature to work. In Windows 11, Windows Firewall is enabled by default and should always stay on to protect your PC from potential threats. To check if Windows Firewall is properly turned on on your PC, go to Start > search for and open “Windows Security” > Firewall & network protection. Make sure “Firewall is on” is displayed on all three network profiles.
Если вам нужно разрешить запуск определенного приложения в Windows, но запретить ему доступ в Интернет, проще всего создать запрещающее правило во встроенном брандмауэре (Windows Defender Firewall).
К примеру, я хочу ограничить доступ в интернет для приложения Acrobat Reader. Для создания блокирующего правила в файерволе Windows, нужно получить полный путь к исполняемому файлу программы (например, «
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
«)
Откройте консоль управления Windows Firewall with Advanced Security, выполнив команду
wf.msc
.
Щелкните по секции Outbound Rule и выберите New Rule.
Создайте правило файервола со следующими настройками:
Новое правило появится в консоли Windows Defender. По умолчанию оно активно и будет блокировать сетевой доступ для выбранного приложения. При попытке открыть PDF файл из сетевой папки или Интернет-сайта, Acrobat Reader скажет, что указанный URL не доступен.
Если нужно заблокировать доступ для универсального UWP приложения Microsoft Store:
- Откройте свойства созданного ранее правила брандмауэра, перейдите на вкладку Programs and Services
- Выберите опцию All programs that meet the specified conditions
- Нажмите на кнопку Settings в разделе Application Packages и выберите в списке UWP приложение, которому нужно ограничить доступ в Интернет
Можно создать правило файервола, которое блокирует программе доступ в Интернет из консоли PowerShell. Это гораздо быстрее. Например, рассмотренное выше правило можно создать с помощью команды:
New-NetFirewallRule -Program "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe" -Action Block -Profile Domain, Private,Public -DisplayName "Block network access Acrobat ReaderDC (AcroRd32.exe)" -Description "Block Acrobat ReaderDC" -Direction Outbound
Включить правило:
Get-NetFirewallrule -DisplayName "Block network access Acrobat ReaderDC (AcroRd32.exe)"| Enable-NetFirewallRule
Если нужно запретить приложению доступ в Интернет, но разрешить обращаться к ресурсам в локальной сети (на IP адреса в подсети 192.168.2.0/24), можно оставить общее запрещающее правило и создать более узкое разрешающее правило для разрешенных IP адресов и/или подсетей:
$allowedIP = @("192.168.2.0/24")
New-NetFirewallRule -Program "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe" -Action Allow -Profile Domain, Private,Public -DisplayName "Allow LAN access Acrobat ReaderDC (AcroRd32.exe)” -Description “Allow LAN Acrobat ReaderDC" -Direction Outbound
Get-NetFirewallrule -DisplayName "Allow LAN access Acrobat ReaderDC (AcroRd32.exe)"| Get-NetFirewallAddressFilter | Set-NetFirewallAddressFilter -RemoteAddress $allowedIP
Теперь программа сможет получить доступ только к сетевым ресурсам в LAN, но не в Интернете.
Если нужно запретить доступ для всех программ, кроме разрешенных:
- Нужно перевести действие по-умолчанию для исходящего трафика в запрет (block):
netsh advfirewall set allprofiles firewallpolicy blockinbound,blockoutbound
- После этого нужно отключить все правила и создать разрешающее правила только для выбранных exe файлов.
In this guide, we will show you the steps to block an app from accessing the internet on your Windows 11 PC. Recently a developer rolled out a buggy update that ended up breaking the app’s online functionality, though it was still working in the offline mode. However, there was no way of forcing the app to work only in the offline ecosystem, resulting in the user’s inability to use the app altogether. Granted, one way of dealing with it is to turn off the WiFi on your PC.
However, that is not the most viable approach to get this job done as there would be quite a few other apps and services installed on your PC that would need to interact with the internet, either in the foreground or background. So what else could be done? Well, you could specifically block just that particular app from accessing the internet on your Windows 11 PC. And in this guide, we will show you how to do just that. Follow along.
Table of Contents
- Head over to Settings > Network & internet > Advanced network settings.
- Then select Windows Firewall and click on Advanced settings.
- Now select Outbound Rules from the left-hand side.
- Then click on New Rule from the right-hand side.
- After that, select Program and click Next.
- Now browse to the directory where the desired app’s EXE file is present, select it, and click Next.
- After that, select Block the Connection and click Next.
- Now checkmark Domain, Private, and Public, and hit Next.
- Finally, give it a name of your choice and an optional description, and click Finish.
- That’s it. You have successfully blocked an app from accessing the internet in Windows 11.
How to Unblock an App from accessing the Internet in Windows 11
if you wish to remove the network restriction and want the app to gain access to the network, then you could either disable the rule or delete it altogether. If you disable this rule, and you ever wish to reblock the app from accessing the internet, then you could easily re-enable it as and when needed in just a few clicks.
However, if you end up deleting this rule, and if you wish to reblock the app from network access, then your only course of action would be to re-create that rule from scratch [as explained in the above section]. Anyways, we have listed both these methods, you may refer to the one that is in sync with your requirement.
Disable Rule
- Head over to Settings > Network & internet > Advanced network settings
- Then select Windows Firewall and click on Advanced settings.
- After that, select Outbound Rules from the left-hand side.
- Now select the rule from the list and select Disable Rule. That’s it.
Delete Rule
- Head over to Settings > Network & internet > Advanced network settings
- Then select Windows Firewall and click on Advanced settings.
- After that, select Outbound Rules from the left-hand side.
- Now select the rule from the list and select Delete Rule > YES in the prompt.
That’s it. These were the steps to block an app from accessing the internet on your Windows 11 PC. Likewise, we have also listed the steps to revert this change- by disabling and deleting the Firewall rules. If you have any queries concerning the aforementioned steps, do let us know in the comments. We will get back to you with a solution at the earliest.
- How to Block Files, Folders, and Apps from being accessed in Windows 11
- Block IP Address via Windows Defender Firewall in Windows 11
- How to Allow Apps Through Firewall in Windows 11 | Add to Exception/Exclusion List
- How to Add Multiple IP Addresses and DNS Addresses in Windows 11
Sign in to your MUO account
Firewalls play an integral part in keeping computers and networks safe, but you can also use them to control an application’s access to the internet. The Windows Defender Firewall is a powerful security utility pre-installed in Windows 11. You can easily block a program from accessing the internet using the Windows Defender Firewall.
Whatever your reasons might be for preventing an app from accessing the internet, we’ve got you covered. Read on as we detail how you can block apps from accessing the internet in just a few clicks.
How to Block an Apps Internet Access Using Windows Defender Firewall
Windows Defender Firewall is a nifty built-in firewall program that you can configure in a few clicks. Blocking a program’s access to the internet means you prevent it from sending or receiving any network traffic.
There can be many benefits of blocking an app from communicating on the internet, but it can also come with potential security risks.
To block an application from using the internet using Windows Defender Firewall:
- Launch the Start menu, search for Windows Defender Firewall and click the Best match.
-
In the Control Panel window that opens, click on Advanced settings from the left sidebar, and it will launch the Windows Defender Firewall with Advanced Security window.
- From the left side menu, click on Outbound rules and select New Rule from the Actions pane on the right side of the screen. A New Outbound Rule Wizard should now launch.
-
We want to create a rule to block a program from accessing the internet, so you need to select Program in the New Outbound Rule Wizard and then click on Next.
-
Since you only want to block a specific program, you need to specify the program path and select the program’s EXE file; this is usually located in the Program Files directory of your PC.
- Check the This program path radio button, click on Browse, select the executable file of the program, and click on Next.
- Select Block the connection and then click on Next.
- Check Domain, Private and Public, and click on Next.
- You can now give your rule a name and a description, and a descriptive name can help keep track of the firewall rules if something goes wrong, and finally click on Finish.
You have now successfully blocked the app from accessing the internet.
How to Disable the Windows Defender Firewall Rule
If you’ve set up an Outbound Rule in the past, but now wish to restore an app’s access to the internet, you will need to disable or delete the added rule. Let’s look at how you can disable or remove an Outbound Rule in Windows Defender Firewall.
- Launch the Start menu, search for Windows Defender Firewall and click the Best match.
-
In the Control Panel window that opens, click on Advanced settings from the left sidebar, and it will launch the Windows Defender Firewall with Advanced Security window.
- In the above section, we added a new rule named Adobe Internet Block, so we’re going to remove it now. Click on Outbound Rules from the left pane and search for your rule from the list. Once you’ve found your rule, select it.
- From the Actions pane on the right side, you can either completely delete the rule by clicking on Delete or temporarily disable it by selecting Disable Rule.
Your outbound rule will now either be deleted or disabled based on your selection, meaning the program can now access the internet freely.
Blocking Apps From the Internet in Windows 11
Thanks to Windows Defender Firewall, blocking an app from the internet takes only a few clicks. If you had the belief that configuring a firewall on your Windows PC is too technical for you, we hope this guide helped you prove otherwise.