The internet has become a common aspect of our everyday lives. We use it for communicating with friends and family abroad, get the latest news, buy and sell goods online, even ordering pizza. But the internet is not all good things, so you might want to have some control over what websites or services can be accessed from your home or work computers. This article describes three different methods of controlling access.
edit the hosts file
You can achieve very basic control by modifying the Hosts file which is part of the Windows operating system. You can edit the hosts file in a text editor such as notepad, and add websites that you want blocked to the file. Open C:\Windows\System32\drivers\etc.\hosts (Note: the "hosts" file has no file extension and will not automatically open in a text editor). Go to the end of the file and start a new line. Enter 127.0.0.1, a space, and then a domain name that you want to block (e.g. "facebook.com"). Create another line but this time add www. to the beginning of the domain. The new lines that you created in the hosts file should look like this:
Repeat the steps for any other domains that you want to block and save your hosts file. When your computer tries to find a website that is listed in the hosts file, it will try to get the website from 127.0.0.1 (your own computer) instead of the actual server IP where the website is hosted. This results in a "Server not found" error message when browsing to the blocked domain.
The hosts file acts as a filter on each client computer, so these steps must be performed on every computer that you want to control. This is OK in small networks, but will become more difficult to manage with more computers.
- Very easy to set up
- No additional software required
- It is very hard to maintain a long list of blocked websites.
- You have to set up and maintain this list of sites on each computer you want to control.
- Tech savvy users could circumvent these blocks and access the websites without too much difficulty.
install a hardware router
While most low end routers don't offer very much control over what comes in and what goes out of the network, some more advanced hardware routers give you the ability to manage your networks internet access and set blocked sites centrally in the router. Sonic Firewall and Watchguard Firebox are two suppliers who offer such hardware routers for small businesses and home users.
- Users cannot bypass the router
- You don't need to have another computer up and running all the time
- One single point to manage your list of blocked sites that effects all computers
- More expensive than software solutions
- Initial setup may require some reconfiguration of your network
- You might have to upgrade the hardware in the future if the amount of workstations on your network grows
setup a proxy server
If you want even more power to monitor and control internet access, then you should consider using a solution designed specifically for the task. Programs such as WinGate Proxy Server (Windows 2000, XP, Vista, 7) or WinProxy (Windows 95, 98, NT, 2000, XP) are two such solutions. Proxy server software is usually installed on a dedicated computer in your home or office network, and the other computers on the network are configured to connect to the Internet through the proxy server. The proxy then handles all internet traffic for the network and is able to log, monitor and filter internet access. For small networks a lower spec computer will be up to the task of hosting a proxy service, but you could also use an existing workstation or server, for example an active directory server, print server or file server.
The typical setup for a proxy server is to have two network interfaces, one facing the local network and one facing the internet router. This makes the server the only gateway to the internet for the client computers which prevents tech savvy users from bypassing the proxy.
- Easy to maintain.
- Gives you lots of additional features, such as bandwidth limiting, website caching, real-time monitoring and logging of visited websites.
- You can purchase additional licenses if your network grows and you want to connect more users to your network.
- You have to install additional software on your computer.
- Your proxy server must be up and running for the network to have internet access.