Block facebook but not through router
Hi everyone, We are looking to block facebook in our office. We have a watchguard firebox router but are only able to block IP address rather than web addresses unless we subscribe to something called webblocker. I've tried blocking facebooks IP addresses but they seem to keep adding them daily and its a nightmare for me!
We don't want to pay that subscription so I was looking for advice on how to achieve this blocking.
In my limited knowledge, my first idea was to point all users DNS server to our Small Business Server. I would then edit the HOSTS file on the SBS server to resolve www.facebook.com to 127.0.0.1.
I tried this on one PC but it happily ignores that and goes straight to facebook.
Could anyone point me in the right direction. Please note we use a WORKGROUP and are not on a domain.
Thanks
John
Re: Block facebook but not through router
Open the hosts file from "C:\WINDOWS\system32\drivers\etc\" and add the below line:
at the end of the file. Save it and you are done.
Re: Block facebook but not through router
Hi, thanks for the reply. Im aware of that feature but I don't really want to have to go to each PC and do this (and have to do it again when we want another website blocking).
If I could point them all at one location and do the changes from there it would really help.
Thanks
John
Re: Block facebook but not through router
For such things I use OpenDNS which is really very helpful. You just need to create a user name and password here. Then setup the filtering request. In your router you need to adjust your dns settings and done. Now you can allows and block sites which you want. This makes you avoid any software in your system which can be stopped easily.
Re: Block facebook but not through router
Actually when you use a opendns server and set some option on filtering mode then only those systems are affected who are using that particular dns address and other are not affected at all. Means if you had assigned open dns on your pc and others are not configured on the same then they are not affected. Only facebook will be block on your pc. Then comes the router thing. If you assign the filtered dns on router then the entire network will not able to access the same. You have to make the setting directly in the router control panel.
Re: Block facebook but not through router
thanks addie, thats what I was hoping. Just one last question :-)
I don't believe any of our users are that clever but if they wanted to go on a blocked site, I assume there would be nothing stopping them from changing their own DNS settings.
All PCs are assigned DHCP so the DNS servers are just picked up automatically but guess they could just add their own?
Thanks for all the replies here, its been really helpful.
Re: Block facebook but not through router
You can also try to install a web-proxy server and filter by URL policy, or even by content, depending on the software you decided to install, I think it's the best way to achieve a complete and detailed administration and web logging, or you can make a script that disables these rules, and use the "system scheduler" to run this script at certain times. you will need another script that enables these rules again.
Re: Block facebook but not through router
You can do it in two ways, first with the software and the second with the dns blocking.
1) If you are going to use software then you can block multiple programs or softwares, such as images and games which you feel are dangerous for your computer. Now, if you want to block facebook from the software then I guess you will have to buy one of these softwares.
Some of the products that I would like to suggest are
- McAfee Parental Controls
- Safe Eyes
- MaxProtect
- CYBERsitter
Definately there are more softwares then this, but this are the recommended once. After you have finished purchasing the software you will need to read the lenience of the product.
2) You can also do this by DNS blocking, if you are provided a DNS by your service provider then you can block the sites which you do not need or do not want to display, because DNS converts the web address to the words. By using this method you will not need any of the softwares to be installed on your computer. But I think you will have very less options for customization. As it is said in the above post you can use the OpenDNS service, this can also be an a good option.
If you do not want to block a site through the software then you will need to use the first method , that is you will need to install a software.