Windows firewall block all except

How to block all Windows 10 processes, except one

Users have been asking on the official forums if there is a way you can block all Internet activity using the Firewall, except their IP.

Given that this is a prevailing question asked on plenty of other forums as well, it was decided to look into the issue.

Is it possible to auto block all applications incoming/outgoing internet connection except for example Firefox with default windows firewall? I would like to block everything, even including windows update and other software updates. I would like to allow only one web browser like firefox, chrome or opera.

The first solution that may pop into your head would be to just block the applications one-by-one.
However, unless your PC has a fresh Windows install and there are few programs and processes, this can end up being a tedious task.

How can you block all Windows 10 processes except one, at once?

1. Manually block processes one-by-one

While admittedly the most tedious method of them all, it is also the simplest.

This makes it excellent for those who aren’t used to using a computer too much.

  1. Press Windows + R
  2. Type in control.exe, which will open the Control Panel
  3. Set View by (top-right corner) to Category
  4. Click on System and Security
  5. Under the Windows Defender Firewall, select Allow an app through Windows Firewall
  6. Deselect both boxes corresponding to each process until you finish the list

2. Make Windows Firewall block all outgoing traffic by default, then select the exceptions

This is pretty much the opposite of the method listed above, as it is best used when you have too many processes that need blocking.

  1. Press Windows + R
  2. Type in control.exe, which will open the Control Panel
  3. Set View by (top-right corner) to Small icons
  4. Click Administrative Tools
  5. Select Windows Defender Firewall with Advanced Security
  6. Click Windows Firewall Properties (on the right side)
  7. Click next to Outbound connections and select Block from the list
  8. Confirm your changes by selecting OK
  9. Delete the block all outgoing traffic rule

3. Use IPSec

  1. Click Windows
  2. Type in MMC and select it from the list
  3. In the new window, click File
  4. Click Add/Remove Snap-In
  5. Select Add the IP Security Policy Snap-In
  6. Click OK
  7. Right-click on the middle section and click Create IP Security Policy
  8. Follow the wizard using default values and whatever names you want
  9. After the first wizard, a new window will appear. When it does, click Add
  10. Click Next 3 times, and then click Add
  11. Name it something relevant, like Block all, and click Add
  12. Go through that wizard with just default values, and click OK at the end
  13. Select Block All and click Next and then Add… again
  14. Follow the wizard, and give it the name Block, then select it as an action
  15. Repeat Steps 9-14 selecting the proper source, destination or protocol and selecting Permit in Step 14
How do I configure the Windows firewall to block communication with all except one IP address?

So I am the admin of a club laptop, which runs on Windows 10 and is connected to the internet via a USB stick with a SIM card, which unfortunately has limited internet, so to prevent people from watching, for example, YouTube videos, I want to block all websites but one, which is the club site. Is there any way of doing this with the Windows firewall? Thanks for all help!

1 Answer

I would suggest the following approach:

  1. Save the current firewall rules
  2. Set the default outbound firewall policy to block all
  3. Delete all outbound firewall rules
  4. Add a single rule to allow your website

Below are the directions in detail.

Save the current firewall rules

  • Start Windows Defender Firewall with Advanced Security
  • Right-click the upper item — Windows Defender Firewall with Advanced Security
  • Select Export Policy.
  • Follow the prompts to save.

Set the default outbound firewall policy to block all

  • Right-click again the upper item — Windows Defender Firewall with Advanced Security
  • Select Properties
  • Switch Outbound connections from «Allow (default)» to «Block»

Delete all outbound firewall rules

  • Click on Outbound Rules
  • Click on the middle pane on some item to set the focus
  • Type Ctrl + A to select all the rules
  • Right-click any selected rule and choose Delete

Add a single rule to allow your website

  • Still in Outbound Rules, click in the Actions pane on New Rule
  • Select Custom and Next
  • Leave selected All programs and click Next
  • Leave Protocol Type as Any and click Next
  • In Scope, under Which remote IP addresses does this rule apply to?, select These IP addresses:
  • Click Add… and enter the IP address of your website and click OK
  • Click Next
  • Select Allow the connection and click Next
  • Leave all profiles checked and click Next
  • Give a name to your rule and click Finish

Undoing this configuration

To return to normal unblocked rules:

  • Start Windows Defender Firewall with Advanced Security
  • Right-click the upper item — Windows Defender Firewall with Advanced Security
  • Select Import Policy… and point to the save file created in the first step.

You could also save the blocked state, so it may quickly be reset again by using the Import Policy command as above.

In answer to the query about making it work for wikipedia.org, I believe the problem has arrived in the above step of «Add a single rule to allow your website», which was badly written (corrected now).

This step needs to be filled as follows, where the IP range is 91.198.174.192/27 (found in this article):
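The four steps of this answer (save, default-block, delete, allow one address) can also be run from an elevated PowerShell prompt. This is an added example, not part of the original answer; the address `203.0.113.10`, the backup path and the rule name are constructed placeholders.

```powershell
#Requires -RunAsAdministrator
# Added example. $SiteIp is a constructed documentation address (TEST-NET-3);
# $BackupPath is an assumed location for the exported policy.
param(
    [string]$SiteIp     = '203.0.113.10',
    [string]$BackupPath = "$env:USERPROFILE\firewall-before-lockdown.wfw"
)

# 1. Save the current rules (same as Export Policy in the GUI). Refuse to
#    overwrite an earlier backup, because that file is the only way back.
if (Test-Path $BackupPath) { throw "Backup already exists: $BackupPath" }
netsh advfirewall export $BackupPath | Out-Null
if ($LASTEXITCODE -ne 0 -or -not (Test-Path $BackupPath)) {
    throw 'Export failed; nothing has been changed.'
}

# 2. Default outbound action = Block on every profile.
Set-NetFirewallProfile -Profile Domain,Private,Public -DefaultOutboundAction Block

# 3. Delete all local outbound rules (rules delivered by Group Policy are
#    not in the local store and are not affected).
Get-NetFirewallRule -Direction Outbound | Remove-NetFirewallRule

# 4. One custom rule: all programs, any protocol, one remote address.
New-NetFirewallRule -DisplayName 'Allow club site only' -Direction Outbound `
    -Action Allow -Protocol Any -RemoteAddress $SiteIp -Profile Any | Out-Null

# Verify: every profile should show Block, and exactly one rule should remain.
Get-NetFirewallProfile | Format-Table Name, DefaultOutboundAction
Get-NetFirewallRule -Direction Outbound |
    ForEach-Object {
        [pscustomobject]@{
            Rule          = $_.DisplayName
            Action        = $_.Action
            RemoteAddress = ($_ | Get-NetFirewallAddressFilter).RemoteAddress
        }
    } | Format-Table -AutoSize

# Undo (same as Import Policy in the GUI):
#   netsh advfirewall import $BackupPath
```

With every outbound rule deleted, DNS lookups are blocked too, which is the Core Networking point raised in the last answer on this page.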

Question

I tried to block all the traffic and allow only my IP in Windows Firewall. Unfortunately it’s blocking all my traffic. Is there any priority level that needs to be set in the firewall? I don’t have much knowledge of Windows as I’m a Linux admin.

In Linux, the first rule is preferred in policy. In Windows, I did the same: I put my allow rule first and my Deny rule underneath.

Does anyone have any idea what the reason for this is?

Answers

For the built-in Windows firewall, deny rules take precedence over allow rules regardless of order.

If you’re wanting to block all traffic, then you want to change the «default action» to «block»

WARNING: If you are connected remotely, this change may disconnect you from the computer.

First, add in your desired «Allow» rules and delete (or disable) your «Block» rules.

Open the «Windows Firewall with Advanced Security» snap-in, select «Windows Firewall Properties», and then change the «Inbound Connections» and/or «Outbound Connections» to «Block».
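Because an enabled Block rule wins over an Allow rule whatever the order, it helps to list the Block rules that would shadow the intended allow rule before changing the default action. The script below is an added example, not code from the thread; `203.0.113.10`, the function name and the rule names are constructed.

```powershell
#Requires -RunAsAdministrator
# Added example. $AllowedIp is a constructed documentation address (TEST-NET-3).
param(
    [string]$AllowedIp = '203.0.113.10',
    [switch]$Apply      # without -Apply the script only reports
)

# List enabled Block rules and say whether they would beat an allow rule for
# $AllowedIp. Rule order is irrelevant: an enabled Block rule that matches wins.
function Get-ShadowingBlockRule {
    param([ValidateSet('Inbound','Outbound')][string]$Direction, [string]$Address)
    Get-NetFirewallRule -Direction $Direction -Action Block -Enabled True |
        ForEach-Object {
            $remote = @(($_ | Get-NetFirewallAddressFilter).RemoteAddress)
            $hit = ($remote -contains 'Any') -or ($remote -contains $Address)
            [pscustomobject]@{
                Rule          = $_.DisplayName
                Direction     = $Direction
                RemoteAddress = $remote -join ','
                # Subnets and ranges are not evaluated here; check them by hand.
                Verdict       = if ($hit) { 'overrides allow' } else { 'review scope' }
            }
        }
}

$report = foreach ($d in 'Inbound','Outbound') {
    Get-ShadowingBlockRule -Direction $d -Address $AllowedIp
}
$report | Format-Table -AutoSize

if ($Apply) {
    if ($report | Where-Object Verdict -eq 'overrides allow') {
        throw 'Disable or delete the Block rules listed above first.'
    }
    # Allow rules first, default action last, as the answer describes.
    foreach ($d in 'Inbound','Outbound') {
        New-NetFirewallRule -DisplayName "Allow $AllowedIp ($d)" -Direction $d `
            -Action Allow -RemoteAddress $AllowedIp | Out-Null
    }
    # On a remote session this can cut the connection unless the address you
    # connect from is the allowed one.
    Set-NetFirewallProfile -Profile Domain,Private,Public `
        -DefaultInboundAction Block -DefaultOutboundAction Block
}
```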

All replies

There are 2 different ways you can achieve this.

1. Configure Windows Firewall to block all outgoing traffic by default, and then only allow the incoming connection(s) you want.

Click on Windows Firewall with Advanced Security in the left pane, and choose Windows Firewall Properties from the right pane. Next to Outbound connections, choose Block. Then click OK, and then delete the block all outgoing traffic rule.

  1. Click Start and type MMC, then select MMC from the list.
  2. Click File -> Add/Remove Snap-In -> Add the IP Security Policy Snap-In and click OK
  3. Right-click on the middle section and click «Create IP Security Policy»
  4. Follow through the first wizard with the defaults, giving the name/description you want.
  5. With the window that opens after the first wizard, click «Add…»
  6. Click «Next» x3 and then click «Add…»
  7. Give the name of «Block All» or something similar. Click «Add…»
  8. Run through that wizard keeping all the defaults and click «OK»
  9. Select «Block All» and click «Next» and then «Add…» again
  10. Follow the wizard giving the name of «Block» and select «Block» as the action.
  11. Repeat Steps 5-10 selecting the proper source/destination/protocol and selecting «Permit» in Step 10.
  12. For a step-by-step procedure with screenshots, please refer to this

Hope this helps!

Configure Windows Firewall to block ALL applications system-wide, except for a select few?

I’d like to make it so Windows disregards internet access for every system and user application, and let me add exceptions as I see fit, but I’m having problems.

Going to «Windows Firewall with Advanced Security», selecting «Windows Firewall Properties», and then setting Inbound/Outbound connections to «Block» on all tabs should theoretically, as described on the previous menu, block inbound/outbound connections for applications that do not match a rule. In this case, everything except my internet browser, but it does something else instead. It completely turns off any Internet access to the device, and puts it in a «Limited» state (Local connection). This means I can’t access the internet anywhere, and I’m not sure how to fix it. Disabling Windows Firewall allows internet access yet again, but I can’t live with the amount of connections this system makes without being paranoid.

Is there perhaps a system service I need to allow internet access to before I can get my primary applications to function over the net? That’s the only thing I can think of, but I wouldn’t know which one to allow access to. I’ve scanned this site for a little bit, and I can’t really find anything that helps.

1 Answer

In the comments, you said:

It’s currently blank, besides my browser.

There’s your problem. You need a little more than just the web browser to have a working Internet connection. Specifically, all of the Core Networking rules are important, especially DNS. (It’s rather difficult to visit web sites if you can’t resolve their IPs.)

You can restore the standard rules — both outbound and inbound — by right-clicking the root node in the firewall management window and choosing Restore Default Policy. That will roll back the firewall state to what it was when Windows was first installed. You’ll lose all custom entries, so some programs might need to have their rules re-added. (Alternatively, you could attempt to restore them by creating «predefined» rules.) After you do that, you can try disabling some outbound rules until stuff breaks, at which point you’ve discovered which ones are critical. Be aware that the network icon in the notification area isn’t necessarily right about whether you can access the Internet; its checks may differ from what you’re interested in.

My experimentation indicates that only the Core Networking ones are super important. You’ll need to allow your browser too, of course. Note: Some browsers (Microsoft Edge, for instance) have one executable that is the UI and one that makes the actual requests; you need to unblock the latter.

I recommend also allowing the Windows Update service; you can create a service rule by creating a «custom rule», leaving the Program screen setting at All programs, and choosing a service with the Customize button at the bottom.

If you want pinging to work, you’ll need to create a rule that allows certain types of ICMP traffic, which will also be a «custom rule.» Let it apply to all programs, but on the Protocols and Ports screen, click the Customize button after choosing ICMPv4 as the protocol. Select the specific types that you’re interested in; I recommend Echo Request (ping) and Destination Unreachable.
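The allowlist this answer describes (Core Networking kept, one browser, the Windows Update service, selected ICMPv4 types) can be built in PowerShell before the default is switched to Block. This is an added example, not the answerer's code; the Firefox path is an assumed default install location, the rule names are constructed, and `Core Networking` is the English display name of the group.

```powershell
#Requires -RunAsAdministrator
# Added example. $BrowserPath is an assumed default install location, and the
# group name 'Core Networking' is the English display name.
param([string]$BrowserPath = "$env:ProgramFiles\Mozilla Firefox\firefox.exe")

if (-not (Test-Path $BrowserPath)) { throw "Browser not found: $BrowserPath" }
$core = 'Core Networking'

# Keep the outbound Core Networking rules (DNS, DHCP, ...) switched on.
Get-NetFirewallRule -DisplayGroup $core |
    Where-Object Direction -eq 'Outbound' | Enable-NetFirewallRule

# Disable, rather than delete, every other enabled outbound Allow rule so the
# change can be reversed rule by rule.
Get-NetFirewallRule -Direction Outbound -Action Allow -Enabled True |
    Where-Object DisplayGroup -ne $core | Disable-NetFirewallRule

# Program rule for the executable that actually makes the requests.
New-NetFirewallRule -DisplayName 'Allow browser' -Direction Outbound `
    -Action Allow -Program $BrowserPath | Out-Null

# Service rule for Windows Update (service short name wuauserv).
New-NetFirewallRule -DisplayName 'Allow Windows Update' -Direction Outbound `
    -Action Allow -Service wuauserv | Out-Null

# ICMPv4 Echo Request (type 8) and Destination Unreachable (type 3).
New-NetFirewallRule -DisplayName 'Allow ICMPv4 ping' -Direction Outbound `
    -Action Allow -Protocol ICMPv4 -IcmpType 8,3 | Out-Null

# Flip the default only after the allow rules exist.
Set-NetFirewallProfile -Profile Domain,Private,Public -DefaultOutboundAction Block

# Check what the answer says matters most: name resolution still works.
Resolve-DnsName example.com -Type A | Select-Object -First 1 Name, IPAddress
Get-NetFirewallRule -Direction Outbound -Enabled True |
    Sort-Object DisplayGroup, DisplayName | Format-Table DisplayGroup, DisplayName
```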
