How to block an IP or website using PowerShell in Windows 10

PowerShell comes with the NetSecurity module, which allows you to configure the Windows Firewall. You can use its New-NetFirewallRule cmdlet to block an IP address or website using Windows PowerShell. This cmdlet creates a new inbound or outbound firewall rule and adds the rule to the target computer.

While blocking IP address ranges works perfectly, blocking a website or domain is difficult. This is because multiple IP addresses can be attached to a domain, and while you can block them, the DNS resolver may return a different IP address each time. Also, the same IP address is sometimes used by related services, and blocking that IP address will block those other services as well.

  1. Block local or Internet IP addresses
  2. Block a website or domain name

You will need administrator rights to run these commands.

1] Block IP or range with PowerShell

Using this command, you can block a single IP address or a range of IP addresses. Run the following command in PowerShell.

New-NetFirewallRule -DisplayName "Block XYZ.com IP address" `
  -Direction Outbound -LocalPort Any -Protocol TCP -Action Block `
  -RemoteAddress 146.185.220.0/23

You can replace the display name "Block XYZ.com IP address" with anything you can remember or that is easy to understand when you look back at it. The IP address specified at the end, in the -RemoteAddress parameter, is what will be blocked. Any website or service that resolves to it will be blocked. You can replace the -RemoteAddress option with the -LocalAddress option if the IP is a local network IP address.

When execution completes, you should receive a status message: “The rule was successfully parsed from the store. (65536)”. Open Windows Firewall and check if the entry is available. Once confirmed, you will be able to add more using PowerShell.

2] Block Website or Domain with PowerShell

Since the cmdlet does not support URL blocking, we have two options. The first is to query all possible IP addresses of the domain and block them. The second is to find the known official IP address ranges and block them. The latter has less chance of accidentally blocking other services than the former. However, if domain blocking is necessary, you can always use other software to do it.

Resolve-DnsName "facebook.com"

Note the IP address returned; we will use it in the command below.

New-NetFirewallRule -DisplayName "Block XYZ.com IP address" `
  -Direction Outbound -LocalPort Any -Protocol TCP -Action Block `
  -RemoteAddress 146.185.220.0/23

When I used this with YouTube, it didn’t work even though the direct IP was blocked. When I used it with Facebook, it worked. Thus, if a website can be resolved using multiple IP addresses, this method will not work.
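The first option described above, querying every address a domain resolves to and blocking them all in one rule, as an added example that is not from the original article. The function name Block-DomainByIp, the rule naming scheme and the resolver addresses 1.1.1.1 and 8.8.8.8 are assumptions; re-running it merges newly returned addresses into the same rule, which is how it copes with DNS answers that rotate.

```powershell
#Requires -RunAsAdministrator
# Added example: function name, rule name and resolver list are assumptions, not from the article.
function Block-DomainByIp {
    [CmdletBinding(SupportsShouldProcess)]
    param(
        [Parameter(Mandatory)][string]$Domain,
        # Asking several resolvers catches more of a rotating address pool.
        [string[]]$DnsServer = @('1.1.1.1', '8.8.8.8')
    )
    $ruleName = "Block $Domain (resolved IPs)"

    # Collect A and AAAA answers; CNAME records in a reply have no IPAddress and are skipped.
    $resolved = foreach ($server in $DnsServer) {
        foreach ($type in 'A', 'AAAA') {
            Resolve-DnsName -Name $Domain -Type $type -Server $server -DnsOnly -ErrorAction SilentlyContinue |
                Where-Object { $_.IPAddress } |
                ForEach-Object { $_.IPAddress }
        }
    }

    # Keep addresses from an earlier run so the rule grows as DNS answers change.
    $existing = Get-NetFirewallRule -DisplayName $ruleName -ErrorAction SilentlyContinue
    $previous = @()
    if ($existing) {
        $previous = @(($existing | Get-NetFirewallAddressFilter).RemoteAddress) |
            Where-Object { $_ -ne 'Any' }
    }

    $addresses = @(@($resolved) + @($previous) | Where-Object { $_ } | Sort-Object -Unique)
    if (-not $addresses) {
        Write-Warning "No addresses resolved for $Domain; firewall left unchanged."
        return
    }

    if ($PSCmdlet.ShouldProcess($ruleName, "block $($addresses.Count) remote address(es)")) {
        if ($existing) {
            Set-NetFirewallRule -DisplayName $ruleName -RemoteAddress $addresses
        } else {
            New-NetFirewallRule -DisplayName $ruleName -Direction Outbound -Action Block `
                -RemoteAddress $addresses | Out-Null
        }
    }
    $addresses   # return the list so it can be reviewed for shared IPs before relying on it
}

# Dry run: prints what would be blocked without touching the firewall.
Block-DomainByIp -Domain 'example.com' -WhatIf
```

Review the returned list before dropping -WhatIf, since an address shared with other services will block those services too.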

Using PowerShell commands is straightforward. If you’ve ever used the command line, it is much the same. I hope you were able to successfully block an IP or website using PowerShell on Windows. Anytime you want to remove the rules, you can do so from Windows Firewall or with the Remove-NetFirewallRule command.
