How to Use DNS to Block Websites

By Steve McDonnell

Every time your browser accesses a Web page, it silently requests the IP address of the website from a DNS server so it can direct the request to the right server. Since all Internet requests must first pass through a DNS server, you can configure a DNS server to redirect all requests for websites you want to block to an alternate page that informs the user that you've blocked access to these sites.

Establish and Configure DNS Account

Step 1

Create an account with a DNS provider that offers free Web filtering, such as [OpenDNS](https://www.opendns.com/). Log in to your account and enter specific URLs you want to block, or choose from predefined categories of websites that the DNS provider maintains, such as "Pornography," "Academic Fraud" and "P2P File Sharing."

Step 2

Write down the **two IP addresses of the public DNS servers**. For example, the OpenDNS server addresses are **208.67.222.222** and **208.67.220.220**.

Step 3

Open a browser on your computer and access the **Setup Page for your router**. For example, on some wireless routers, you can type **http://192.168.1.1** in the browser address bar and press **Enter**. Type your **Administrative Username** and **Password** to log in to the router and change its settings.

Step 4

Open the **Setup Page for the local area network**, which will also contain settings for the dynamic control host protocol, or DHCP, server. Locate the **DHCP setting** that enables you to designate one or more static DNS server IP addresses. Type the local address of your router for the first DNS IP address, for example **192.168.1.1**, and the **two DNS IP addresses** from your provider in the other DNS fields. Save your changes and reboot your router.

Restrict User Privileges

Step 1

Visit each user's computer that you're filtering through the DNS servers and log in as an administrator. In Windows 8, swipe from the right side of the screen (or if using a mouse, point to the upper-right corner of the screen) and choose **Search**. In Windows 7, click **Start**. Type **gpedit.msc** in the search box and press **Enter**.

Step 2

Select **User Configuration**, **Administrative Template**, **Network** and then **Network Connections** to open the network connection settings properties. Locate the setting labeled **Prohibit Access to Properties of Components of a LAN Connection**, right-click and select **Edit**. Choose **Enabled** and then select **OK** to save your changes.

Step 3

Open the **Control Panel** and select **User Accounts**. Choose **Manage another account**, select **Yes** to confirm, if prompted, and choose the user's account you want to change.

Step 4

Select **Change the Account Type**, choose **Standard** and then tap or click **Change Account Type**.