1

How to Block a Program in Firewall in Windows 10 & 11

Want to prevent an application from accessing the internet? Here is how to block a program in
Windows Firewall in simple steps.
To protect the system from unwanted connections, Windows has a built-in Firewall. It allows all
outbound connections and incoming connections that a direct response to the outbound requests.
This means that almost every computer program has free access to the internet as long as it
respects the firewall rules. In special cases, programs can even create custom firewall rules. One of
the best things about the Windows Defender Firewall is that it gives granular control over what can
and cannot connect to the network, unlike many simple firewall applications.

Generally, most users never need to worry about an application accessing the internet. However,
there will be situations where you need to restrict an application’s access to the internet.
For example, the application in question may constantly be downloading unstable updates,
relaying telemetry data, showing adverts or sale notifications, etc. No matter the reason, if there is
an application that you don’t want accessing the internet, you can create a custom firewall rule to
block it. The good thing is, it is very easy to do it.

Let me show you how to create a custom rule to block a program from accessing the internet
using Windows Firewall.
Block a program in Windows Firewall (restrict internet access to a program)
To restrict Internet access and block a program in Windows Firewall, we have to create a custom
block rule in the outbound rules section of the Advanced Windows Firewall Settings. Here is how
to do it.
The first thing we need to do is open the Windows Defender Firewall Advanced Settings. To do
that, open the Start menu, search for “Windows Defender Firewall,” and click on the result. This
action will open Windows Firewall.

In the Windows Firewall, click on the “Advanced Settings” link on the sidebar to open Firewall
Advanced Settings page.

Now we need to create a new block rule in the Outbound Rules section. So, right-click on the
“Outbound Rules” option on the sidebar and select the “New Rule” option.
Since we want to block a program from accessing the internet, select the “Program” option and
click the “Next” button.
 2

Select the “This program path” option and then click the “Browse” button.

Find the exe file of the application you want to block in the Firewall, select it, and click the “Open”
button.

The above action will add the file path to the blank field of the rule creation wizard. Click the
“Next” button to continue.
 3

Choose the “Block the connection” option. This option is responsible for blocking the target
application from accessing the internet.

Select all three profiles. i.e., Domain, Private, and Public checkboxes. That way, no matter the
network type your machine is using, the program will be blocked. Of course, if you only want to
stop the program in a specific profile, you can select it and delete all others. Click the “Next”
button to continue.
 4

Finally, name the rule and click the “Finish” button. Though you can name it anything you want, I
recommend you keep the name concise. You can always use the description box to explain the rule
and why you created it in the first place.

You can now see the newly created rule in the main firewall window. The target application cannot
access the internet as long as the rule is active.
If you ever want to allow the program, simply find the rule, right-click on it and select the “Disable
rule” option. If you’re going to allow the application permanently, you can delete the block rule by
choosing the “Delete” option.

That is all. I hope that helps.

 5

How to Block a Program with Windows Firewall

This wikiHow teaches you how to prevent a program from accessing your Windows computer network by
blocking it in Firewall. You must have administrator privileges to access Firewall and block programs in it.
Keep in mind that blocking a program from using Firewall doesn't usually prevent the program from running
on your computer.
Things You Should Know
 Open Firewall. Click Advanced settings > Outbound Rules > New Rule… > Next. Check
"Program" > Next.
 Select a program and copy its path. Click Open and paste in the copied path. Click Next three
times, enter a name for your rule, and hit Finish.
 To temporarily disable a program, open Firewall and click Allow an app or feature through
Windows Firewall > Change settings. Check the box next to the program you wish to block and save.
Method1
Blocking a Program
1.

1
Open Start 

. Click the Windows logo in the bottom-left corner of the screen.

2.

2
Open Firewall. Type in Windows Defender Firewall , then click Windows Defender
Firewall at the top of the Start window.

3.

3
Click Advanced settings. It's a link in the upper-left corner of the Windows Firewall window.
4.
 6

4
Click Outbound Rules. This tab is on the left side of the window.
5.

5
Click New Rule…. It's in the upper-right corner of the window. Doing so opens a new window in which
you'll create your Firewall rule.
6.

6
Check the "Program" box. You'll find this option at the top of the page.
7.

7
Click Next. It's at the bottom of the window.
8.
 7

8
Select a program. Before you can block a program, you'll need to select the program in order to find its
path:
 Check the "This program path" box and click Browse....
 Click This PC on the left side of the window.
 Scroll down and double-click your hard drive's name (e.g., OS (C:)).
 Double-click the Program Files folder.
 If the program you want to block is elsewhere, go to the program's folder instead.
 Find the folder for your program, then double-click the folder.
 Select the program file by clicking it once.

9.

9
Copy the program's path. Click the address bar at the top of the window to select the path there, then
press  Ctrl + C  to copy the path.
 This is necessary because Windows will restructure the path to the file once you open the file
in Firewall, thus breaking your outbound rule. You can bypass this problem by manually pasting in the path
to the file.
10.
 8

10
Click Open. It's in the bottom-right corner of the window.

11.

11
Replace the path before the app's name with your copied one. Highlight the path in the "This program
path" text box all the way up to the last backslash before the app's name, then press  Ctrl + V  to paste in
your copied path.
 For example, if you wanted to block Chrome in the path "C:\Program Files\Google\
Application\chrome.exe", you would select all but the "\chrome.exe" section and replace it with your copied
text.
 Leaving the app's name and extension at the end of the path is crucial, as failing to do so will
leave you with a rule that doesn't block anything.

12.
 9

12
Click Next three times. This button is in the lower-right side of the window on each page. Doing so takes
you to the final page.
13.

13
Enter a name for your rule. Type whatever you want to name your rule into the top text box on the page.
 For example, if you're blocking Google Chrome on your computer, you might name your rule
"Chrome Block" here.
14.

14
Click Finish. It's at the bottom of the window. Doing so saves and applies your rule; from now until
you delete or disable the rule, your program will not be able to access the Internet.
 10

How To Allow Or Block Apps In Windows Firewall in Windows 10

How to Temporarily Disable a Program

Step 1. You can click Start and type Windows Defender Firewall. Choose Windows
Defender Firewall to open it.
Step 2. Click Allow an app or feature through Windows Firewall in the left column. And
click Change settings.
Step 3. Find the target program you want to block. If you can’t find the program in the
list, you can click Allow another app…-> Browse, locate the program and open it, select
the program name and click Add to add it to the list.
Step 4. Make sure the target program is not checked in the left. If a program is not
checked, then it means Windows Firewall already blocks the program. Finally,
click OK to save the changes and prevent the program from running on your Windows
10 computer.

In Windows 10, Windows Firewall is based completely on the Windows Filtering Platform API and has
IPsec integrated with it. This is true since Windows Vista where the firewall added outbound connection
blocking and also comes with an advanced Control Panel called Windows Firewall with Advanced Security.
It gives fine-grained control over configuring the firewall. The Windows Firewall supports multiple active
profiles, co-existence with third-party firewalls, and rules based on port ranges and protocols.
Before you allow or deny apps in the Windows Firewall, ensure that you are signed in as an administrator.

To allow an app through Windows Firewall, do the following.

For some apps, like Total Commander, a special prompt "Windows Security Alert" may appear as shown in
the screenshot below. It can be used to allow or deny the app from accessing the network. Select the network
 11
locations you want to allow (private or public) or uncheck them all to block the app.

To allow an app through Windows Firewall using Firewall Settings, do the following.

1. Open Settings.
2. Go to Network & Internet - Status.
 12
3. Scroll down to the link "Windows Firewall" and click it.

4. The following window will be opened. There, click the link "Allow an app or feature through
Windows Firewall" on the left side.
 13
5. Click the button "Change settings" if you have UAC enabled to unblock other buttons.

6. To allow some app, click on the button "Allow another app".

 14
7. In the next dialog, click the Browse button and pick an app you want to allow through Windows

Firewall.
 15

8. Now, click on the button "Network types...". In the

next dialog, select public, private or both network types to allow the app.
 16

9. Click on the "Add" button and you are done.

In the Firewall settings, you can also block the allowed app. You can uncheck the check for the rule in the
app's list (see the screenshot below) or remove the rule completely.
 17

To remove the rule completely, select the desired app in the list and click the "Remove..." button.
 18

How to Block An Application from Accessing the

Internet with Windows Firewall

Most of the time we want our applications online and connected to both our local network and the
greater Internet. There are instances, however, when we want to prevent an application from
connecting to the Internet. Read on as we show you how to lock down an application via the
Windows Firewall

Why Do I Want To Do This?

Some of you might have been sold immediately by the headline, as blocking an application is
exactly what you’ve been wanting to do. Others may have opened this tutorial curious as to why
one would block an application in the first place.

Although you generally want your applications to have free access to the network (after all what
good is a web browser that can’t reach the web) there are a variety of situations in which you may
wish to prevent an application from accessing the network.

Some simple and commonplace examples are as follows. You might have an application that
insists on automatically updating itself, but find that those updates break some functionality and
you want to stop them. You might have a video game that you’re comfortable with your child
playing, but you’re not so comfortable with the online (and unsupervised) multiplayer elements.
You might be using an application with really obnoxious ads that can be silenced by cutting off the
application’s Internet access.

Regardless of why you want to drop the cone of network connectivity silence over a given
application, a trip into the guts of the Windows Firewall is an easy way to do so. Let’s take a look at
how to block an application from accessing the local network and Internet now.

Creating a Windows Firewall Rule

Although we’ll be demonstrating this trick on Windows 10, the basic layout and premise has
remained largely unchanged over the years and you can easily adapt this tutorial to earlier versions
of Windows.
 19

To create a Window Firewall rule, you first need to open up the advanced Firewall interface, which
is named, appropriately enough, Windows Firewall with Advanced Security. To do so navigate to
the Control Panel and select “Windows Firewall.” In the “Windows Firewall” window, click the
“Advanced Settings” link on the left.

Note: There is a lot going on in the advanced interface and we encourage you follow along closely,
leaving anything outside the scope of the tutorial and your experience level alone. Mucking up your
firewall rules is a surefire way to a big headache.

In the far left navigation pane, click the “Outbound Rules” link This displays all the existing
outbound firewall rules in the middle pane. Don’t be surprised that it is already populated with
dozens and dozens of Windows-generated entries.

In the far right pane, click  “New Rule” to create a new rule for outbound traffic.
 20

In the “New Outbound Rule Wizard,” confirm that the “Program” option is selected, and then click
the “Next” button.

On the “Program” screen, select the “This program path” option, and then type (or browse for) the
path to the program you want to block. For the purposes of this tutorial, we’re going to block a
portable copy of the Maxthon web browser—mostly because it will be easy to demonstrate to you
that the browser is blocked. But, don’t click “Next” just yet.
 21

There’s an important change you need to make before you continue. Trust us on this. If you skip
this step you’ll end up frustrated.

When you use the “Browse” command to select an EXE file, Windows defaults to using what are
known as environmental variables if the particular path includes a given path portion represented
by one of those variables. For example, instead of inserting C:\Users\Steve\, it will swap that
portion for the environmental variable %USERPROFILE% .

For some reason, despite the fact that this is the default way it populated the program path field, it
will break the firewall rule. If the file you have browsed to is anywhere that uses an environmental
variable (like the /User/ path or the /Program Files/ path), you have to manually edit the program
path entry to remove the variable and replace it with the correct and full file path. In case that’s a
tad confusing let us illustrate with our example program from above.

When we browsed to the EXE file for our Maxthon web browser, Windows plugged in the following
program path information for the file, which was located in our Documents folder:

%USERPROFILE%\Documents\MaxthonPortable\App\Maxthon\Bin\Maxthon.exe

That file path is understood by Windows, but for some reason is no longer recognized when
inserted into a firewall rule. Instead, we need to replace the file path that includes the
environmental variable with the full file path. In our case it looks like this:

C:\Users\Jason\Documents\MaxthonPortable\App\Maxthon\Bin\Maxthon.exe

It’s possible this is some quirk isolated to the current version of the Windows 10 firewall, and that
you can use environmental variables in other versions, but we’d encourage you to just remove the
variable and use the full and absolute file path to save yourself a headache today and down the
road.
 22

Finally, there’s one small but important thing to keep in mind here. For most applications, the main
EXE file is the one you want to block, but there are examples of applications where things are a bit
counter-intuitive. Take Minecraft, for example. At first glance it seems like you should
block Minecraft.exe , but Minecraft.exe is actually  just the launcher file and the actual network
connectivity happens through Java. So, if you want to restrict your child from connecting to online
Minecraft servers you need to block Javaw.exe and not Minecraft.exe . That’s atypical, though, as
most applications can be blocked through the main executable.

At any rate, once you’ve selected your application and confirmed the path, you can finally click that
“Next” button. On the “Action” screen of the wizard, select the “Block the connection” option, and
then click “Next.”

On the “Profile” screen, you’re asked to select when the rule applies. Here, you have three options:

 Domain: The rule applies when a computer is connected to a domain.

 Private: The rule applies when a computer is connected to a private network, such as
your home or small business network.
 Public: The rule applies when a computer is connected to a public network, such as at a
coffee shop or hotel.

RELATED: What's the Difference Between Private and Public Networks in Windows?

So, for example, if you have a laptop that you use at home (a network you’ve defined as private)
and at a coffee shop (a network you’ve defined as public) and you want the rule to apply to both
places, you need to check both options. If you want the rule only to apply when you’re at the public
Wi-Fi spot at the coffee shop, then just check Public. When in doubt, just check them all to block
the application across all networks. When you’ve made your selection click “Next”.
 23

The final step is to name your rule. Give it a clear name you’ll recognize later on. We named ours,
simply, “Maxathon Block” to indicate which application we’re blocking. If you want, you can add a
fuller description. When you’ve filled the appropriate information in, click the “Finish” button.

You’ll now have an entry at the top of the “Outbound Rules” list for your new rule. If your goal was
blanket blocking you’re all done. If you want to tweak and refine the rule you can double click on
the entry and make adjustments—like adding local exceptions (e.g. the application can’t access
the Internet but it can connect so another PC on your network so you can use a network resource
or the like).
 24

At this point we’ve achieved the goal outlined in the title of this article: all outbound
communication from the application in question is now cut off. If you want to further tighten the
grip you have on the application you can select the “Inbound Rules” option in right hand navigation
panel of the “Windows Firewall with Advanced Security” and repeat the process, step for step,
recreating an identical firewall rule that governs inbound traffic for that application too.

Testing the Rule

Now that the rule is active it’s time to fire up the application in question and test it. Our test
application was the Maxthon web browser. Practically speaking, and for obvious reasons, it’s not
super useful to block your web browser from accessing the Internet. But, it does serve as a useful
example, because we can immediately and clearly demonstrate that the firewall rule is in effect.