How to Close Computer Ports

By Paul Higgins

Windows Firewall -- a native Windows 8 and 7.1 application -- lets you block network ports to prevent your computer from sending or receiving data through them. Blocking a port using Windows Firewall requires you to create a new security rule and customize its settings using a wizard.

Step 1

Open the Start Screen under Windows 8.1 or the Start Menu under Windows 7 and type **Firewall** in the search bar. Select **Windows Firewall** from the list of results to open the Windows Firewall application.

Step 2

Click on **Advanced Settings** in the sidebar.

Step 3

Select either **Inbound Rules** from the sidebar if you want to prevent your computer from receiving data through a specific port or **Outbound Rules** to prevent it from sending data through that same port. If your security concerns you, *blocking inbound traffic* is probably the most suitable option as it helps prevent third-parties -- including potentially malicious users -- from sending data to your computer through open ports. In some cases, however, *blocking outbound traffic* may be more appropriate -- for example, to prevent a program on your computer from sending data over the Internet, or if you have received complaints from your Internet service provider regarding spam sent by malware installed on your computer.

Step 4

Open the **Action** menu and select **New Rule** to open the New Rule wizard.

Step 5

Select **Port** and click on **Next.**

Step 6

Select either **TCP** to block transmission control protocol data or **UDP** if you would rather block user datagram protocol data. UDP and TCP are the two main protocols that programs use to communicate over the Internet. While some programs rely on a single protocol, many others use both TCP and UDP, depending on which data they need to send or receive. To block a program from receiving or sending data, a Google search can help you find out which protocol that particular program uses. Alternatively, if you are unsure which protocol to block, consider blocking both UDP and TCP traffic by creating two separate rules -- one for TCP and one for UDP. Enter the port number you want to block next to **Specific Local Ports** and click on **Next.** Alternatively, enter a port range in the **X-Y** format to block all ports between numbers X and Y. For example, enter **4000-4100** to block all ports in that range.

Step 7

Select **Block the Connection** and click on **Next.**

Step 8

Select **Next.** Optionally, untick one or several of the check boxes if you do not want Windows Firewall to block the selected port when your computer is connected to a specific network type. For example, if you want the port to remain open while your computer is connected to a network you labeled as private, untick the second check box.

Step 9

Name your new rule and click on **Finish** to save your new rule. Optionally, enter a description in the text field, for example, to help you remember in a few months or years why you created that rule.

Tips & Warnings

  • Most routers come with a built-in firewall that you may use as an alternative to Windows Firewall. Blocking ports using a router's built-in firewall prevents every device connected to that router from either sending or receiving data through those ports. However, a router's built-in firewall doesn't protect your machine from attacks originating from within your own network. To find out how to block a port using your router's firewall, refer to the device's documentation.
  • Programs sometimes create their own Windows Firewall rules upon installation to prevent the firewall from blocking their inbound or outbound data. In addition, if you manually choose to allow an application to access the Internet when prompted by Windows Firewall, it automatically creates a program-specific rule. You can review the rules in effect on your computer by opening the "Windows Firewall With Advanced Security" window and selecting either "Inbound Rules" or "Outbound Rules." Delete or disable a rule by right-clicking it and selecting either "Disable Rule" or "Delete." Alternatively, you can edit a rule by double-clicking it. Block or allow a program to connect to the Internet by selecting either "Allow" or "Block" from the General tab. You can also change which network profiles -- domain, private or public -- this rule applies to from the "Advanced" tab.
  • Blocking a port prevents any application from either sending or receiving data through it. Therefore, be careful not to block ports some of your applications need to access as it would prevent them from connecting to the Internet or to other devices. You can find which ports a specific program needs to access by performing a search on Google or Bing.