HOWTO: Block websites using the HOSTS file
[ 28 August 2006 ]
Marked under security, windows.
Blocking ad servers and malicious websites is a tough task these days. There are so many tools out there to keep ads blocked, remove spyware, and scan for viruses. Most of this unwanted content comes from known ad servers and known malicious websites. You can harness the power of the Windows’ HOSTS file to actually block some of this stuff. I’ve been doing this for years, and I’m still surprised how well it works.
In a nutshell
For your version of Windows, the HOSTS file is located in
Windows XP:
C:\WINDOWS\system32\drivers\etc\
Windows 2000:
C:\WINNT\system32\drivers\etc\
Windows 98/ME:
C:\WINDOWS\
It does not have an extension — it is just called hosts. The purpose of the HOSTS file is to allow you to manually enter IP addresses associated with websites, so the DNS server can quickly resolve an address. Say you know that google.com is the IP address 64.233.187.99 — you could enter that into the HOSTS file so when your machine requests google.com, it will immediatly know to go to http://64.233.187.99/. Instead, we can take known ad servers, and tell them their IP addresses are 127.0.0.1. For those of you that don’t know, 127.0.0.1 is your local machine, if you were running a server on it. So say, some ad server hosts a banner ad at http://www.adsite.com/ads/23bh3.jpg. If you redirect this server to your lcoal machine in the HOSTS file, when a website calls that hosted image from the ad server, it will try to load http://127.0.0.1/ads/23bh3.jpg. Since that folder and that image don’t exist on your computer, the image won’t show, and you’ve blocked the ad from showing on that website.
Putting it together
This first line of the HOSTS file should list the local IP address:
127.0.0.1 localhost
That tells the rest of the file, 127.0.0.1 is your local machine, like I explained above. You could also use 0.0.0.0 instead of 127.0.0.1 — either will work, but whatever you use for localhost, use below. After that, enter known ad servers and use your local IP (whichever you chose at the top). You can find maintained HOSTS files online or start to build your own. Here’s a little snippit of what my HOSTS file looks like:
127.0.0.1 localhost
127.0.0.1 92.132.206.rev.adknowledge.com
127.0.0.1 a-con1.adknowledge.com
127.0.0.1 a-lbs.adknowledge.com
127.0.0.1 a-pwr.adknowledge.com
127.0.0.1 a-sw1.adknowledge.com
127.0.0.1 aa1-1.adknowledge.com
127.0.0.1 aa1.adknowledge.com
127.0.0.1 aa2-1.adknowledge.com
127.0.0.1 aa2.adknowledge.com
127.0.0.1 aa3-1.adknowledge.com
Extra step: Windows XP/2000 only
In XP and 2000, the DNS Client (a system service), will make your machine come to a grinding hault if your HOSTS file is too large. This service is unnecessary and can be stopped and disabled. Go to Start > Run > enter “services.msc” then hit [Enter]
Navigate to DNS Client, right-click it, select Properties, under Start-up Type, select Manual. Click Apply. Then below that, click the Stop button. You should do this before you save a large list of servers to your HOSTS file.
Disabling/Enabling the HOSTS blocking
If you ever need to disable the blocking, just rename the hosts file to anything. I usually rename it to hosts.disable. After you do that, you need to restart your browser to see the changes. To enable it again, just rename it back to hosts.
You could also write a script to do this for you. An example called disable.bat:
cd C:\WINDOWS\system32\drivers\etc && ren hosts hosts.disable
And another example called enable.bat:
cd C:\WINDOWS\system32\drivers\etc && ren hosts.disable hosts
More info about HOSTS
To get a HOSTS file already full of servers, you may go to MVPs.org. To learn more about the HOSTS file, check this site out; it’s where I learned about it. Also, I posted this tip a while back, at Of Zen and Computing.
53 Comment’s on “HOWTO: Block websites using the HOSTS file”
Wow, 3 people have commented and all 3 comments are retarded.
Its a shitty world I live in.
[...] Re: I need to be able to block certain websites There are lots of programs that do this for you, just google block websites! http://www.ashkon.com/webblock.html If you want to do it with the hosts file, just add the lines (like you have done), but remember to add the sub domains, like http://www. so you would add 127.0.0.1 myspace.com 127.0.0.1 http://www.myspace.com 127.0.0.1 ads.myspace.com etc For more info, look here http://www.allthingsmarked.com/2006/08/28/howto-block-websites-using-the-hosts-file/ [...]
hi, is it possible to use wildcards, or create on that has anything to do with bingo(trying to block it for a friend)
works great for but fails to block sites accessed through IE, am I missing something.
hi, ive tried doing it as followed to the instructions that you gave but nothing seems to be working. Im just wanting to block all this social sites like http://www.hi5.com, http://www.wayn.com, http://www.friendster.com, myspace and many more. To basically keep my kids from spending too much time on them and that i dont trust the friends that they are keeping in contact with. Ive done them according to the steps as provided but nothing seems to be working. Even after closing and restarting the IE or firefox again.
ive tried doing and following the steps given above as stated…if there something that im doing wrong?
still not working…ive tried it several times, i guess im not really much of a computer freak. please do guide me through…i have gone into the windows/system32/drivers/etc and into the hosts file to change it
127.0.0.1 localhost
127.0.0.1 http://www.hi5.com
127.0.0.1 http://www.friendster.com
127.0.0.1 http://www.skyblog.com
127.0.0.1 hi5.com
done and followed the whole entire steps of what was being taught if you wanted to add more
Go to Start > Run > enter “services.msc” then hit [Enter]
Navigate to DNS Client, right-click it, select Properties, under Start-up Type, select Manual. Click Apply. Then below that, click the Stop button. You should do this before you save a large list of servers to your HOSTS file. ( did all that as well) but somehow nothing seems to be working even though after i have closed and reopened the window.
Guide me please..
i just realise and forgot to ask, is there a way to enable and disable the way of using it? or do i just save it as it is and run from where i am. Do i have to go back into the dns client and click on start or change under the start-up type to automatic again and than click apply? i think ive basically tried everything i can…
desperately need help..
Thank u and sorry for being such a pain as im still learning…
I have tried with with success for http://www. based sites, but how do I block a non-www site?
Roger,
Don’t you mean http, not www? Can you give an example?
ext.name.com/name.com
127.0.0.1 ext.name.com
127.0.0.1 name.com
Instead of blocking certain sites, can a hosts file be configured to allow certain sites only……say I only want my kid to be able to see a handfull of sites and want the rest of the WWW cut off….can I do that?
to tony,
what you’ll need to do is this
127.0.0.1 localhost
127.0.0.2 hi5.com
127.0.0.3 friendster.com
127.0.0.4 skyblog.com
127.0.0.5 enter another site.
this will block entire websites.
Hey there,
I found the hosts file but cannot open it can you please help!
John,
Right-click the hosts file and choose Open. A box should pop up with a list of programs. Scroll down to Notepad or Wordpad and open with one of those.
It is not working still, just like terry said, i did everything. But still not blocking the website that i dont want : (
Help!
right click hosts file and open with, select from list and use notepad, noot scroll to 127.0.0.1 localhost, hit enter twice there must be a space between each entry. now to add myspace.
127.0.0.1 l localhost
127.0.0.1 http://www.myspace.com
close web browser, and re-open, myspace is now blocked.
sorry, should have added that to the above comment.
You also have to make sure that you don’t save the hosts file as a .txt file. It can’t have any extension. If you don’t have Windows showing file extensions on your system, you can still change them by right-clicking, choosing Properties, and checking for and removing the extension there.
I found a site that holds your hand through the process. http://www.theparentsedge.com/Block_Myspace.html
it worked for me.
The hosts file is really simple once you get the hang of it. One thing I am noticing is that there does not look like there are any spaces in the ip domain combo. So try this.
A quick way to open it is this.
click Start->Run
in the blank type: notepad C:\WINDOWS\system32\drivers\etc
This will open it in notepad.
copy the following:
127.0.0.5 myspace.com
127.0.0.5 facebook.com
127.0.0.5 anothersite.com
127.0.0.5 hi5.com
keep adding domains as you need. in notepad I use a tab between them not spacebars. Hosts files do not allow wildcard characters. To get into that level of blocking you need to have a router with a custom DNS table.
hmmmmmmm it removed my spaces too… lets try spacebars here instead of tabs…
127.0.0.5 site1.com
127.0.0.5 site2.com
Hi Dan,
The HOSTS file doesn’t support wildcards, so the answer is No. It would be nice to block something like *.myspace.com or *.info, etc, but it cannot be done.
i did all the steps needed to block a website but i had a problem in saving it. it says “make sure that the path and file name is correct”
Use the download Hostman from http://www.abelhadigital.com/2007/06/hostsman-3040-released.html
This comes with all the tools that you will need.
Simple easy way to block web sites, thanks for your easy to use information. Yes we could probably look up in Windows information but thanks to Bill Gates assuming everyone can split the atom, would make for one frustrating “search”. Thank you again nice site for internet information!
I just updated my HOSTS file thanks to http://www.mvps.org. Wow, I sound like a commercial. heh..
Whatever. So anyway, they have a HOST file you may download which has hundreds upon hundreds of hosts to be blocked not only for the purpose of blocking ads, but for security. Visit the following page for the wisdom! http://www.mvps.org/winhelp2002/hosts.htm
Take your time there. There’s good knowledge on this page! It’s well worth the time you decide to spend. Their HOSTS file for download is inside of a ZIP file which has a batch file (.bat for those of you who don’t know yet) that, when opened, will backup and replace your existing HOSTS file for you.
But for those of you who don’t want to lose what you already have in your HOSTS file, then check this out: I Copy/Pasted the content of their HOSTS file anyway because I had stuff in mine that wasn’t in theirs, and thus it would have been lost. And it was really easy. I put the cursor in front of the first entry (literally in front, on it’s far left side) in the really long list, then I pressed Shift+Ctrl+End in order to select everything from that point forward to the end so I could then go ahead and copy it. So then I pressed Ctrl+C to copy (if I pressed Ctrl+X, I would have cut the text, thus made a change, and I would have had to be bothered with the “Would you like the save the changes?” dialog box. No, thanks! heh).
Then I did Alt+F4, pressed Enter for “Ok” to save changes, and I was done. I went back to surfing, and suddenly, I was ad-free. Whatta wonderful thing.
Now to answer Ramjit, it’s simple: If their IP changes, the solution is simple: just add it to your HOSTS file (or replace the one which changed).
Always remember that you’re the one in control. You’re the user. To the computer, you’re God. This perspective should help reduce such questions with obvious answers. 
No offense intended here. I’m doing my personal best to help save you time.
Enjoy your ad-free web-surfing! (although, it won’t be 100% ad-free. Some sites are clever like that).
Hello sir,
I opened host file in the following way in notepad
c:\windows\system32\drivers\etc\host
I entered as
127.0.0.1 local host
127.0.0.1 http://www.yahoomail.com.
127.0.0.1 http://www.orkut.com.
even though is not blocking the entered websites
please help me.
thank you
meher
Meher,
localhost is one word. Also, make sure you don’t have periods at the end of each line. Enter root domains as well as http://www. sub-domains. For example, 127.0.0.1 yahoomail.com and 127.0.0.1 http://www.yahoomail.com
[...] host file for blocking malicious sites: Hosts file - Wikipedia, the free encyclopedia how to: All Things Marked HOWTO: Block websites using the HOSTS file __________________ In this day and age, with all the ugliness in the real world that surrounds [...]
Hi,
I was using Vim in WindowsXP to edit the host file. It was screwing up the new line or tab characters. Anyway, after nearly giving up, I tried Notepad and it worked. An example follows
127.0.0.1 orkut.com
127.0.0.1 http://www.orkut.com
There is a tab between the host address and host name. Also, I used two newlines after each address, name pair.
Hope it helps.
onestepsearch.com is….BBBBAAAALLLDDDD!!!!!! Can anyone help me how to block it? i dont feel like reading all of it
my sis goes to that website every time.thats why i wanted to block this site.
Guys, try using 0.0.0.0 instead of 127.0.0.1
For some odd reason, on some computers if you put 127.0.0.1 (local) it somehow resolves the proper i.p and goes out.
If you set the website to 0.0.0.0 there is NO WAY it is going to resolve.
Oops! We were unable to fulfill your request.
Sorry for the inconvenience, but we experienced an error fulfilling your request.
Go back to Home or click on the Back button of your browser to go back to the page you came from.
help me please
Hiya,when I open the host file it says that its a sample host file???How do I get to an active one??I’ve searched and it comes up with two sample hosts???any help will be greatley appreciated…….
I have Windows XP and Office 2000. There is one website that I can never connect to. Internet Explorer (7), shuts down as soon as I click on the site. I have tried doing this with the pop up blocker off but it makes no difference. I can never access this website. What do you think the reason might be please?
Keeps saying “cannot create…..make sure path & filename is correct” & “not enough memory available to complete this operation. quit one of more applications to increase availabel memory and then try again.”
i even tried the “extra step” for the DNS Client but keeps saying “unable to open DNScache for writing on Local Computer…Error5:Access Denied”
PLEASE HELP!
Just want to say Thanks! I been wanting to do this on my son’s computer for a while. It worked perfect!
Speak your mind:
Allowed HTML: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>
about the web blocking, i tried it, but what if the ip chages? is there any solution to that?
thank you