How to Use DNS to Block Websites

Every time your browser accesses a Web page, it silently requests the IP address of the website from a DNS server so it can direct the request to the right server. Since all Internet requests must first pass through a DNS server, you can configure a DNS server to redirect all requests for websites you want to block to an alternate page that informs the user that you've blocked access to these sites.

Hands on a laptop computer
Image Credit: Medioimages/Photodisc/Photodisc/Getty Images

Establish and Configure DNS Account

Step 1

Create an account with a DNS provider that offers free Web filtering, such as OpenDNS. Log in to your account and enter specific URLs you want to block, or choose from predefined categories of websites that the DNS provider maintains, such as "Pornography," "Academic Fraud" and "P2P File Sharing."

Step 2

Write down the two IP addresses of the public DNS servers. For example, the OpenDNS server addresses are 208.67.222.222 and 208.67.220.220.

Step 3

Open a browser on your computer and access the Setup Page for your router. For example, on some wireless routers, you can type http://192.168.1.1 in the browser address bar and press Enter. Type your Administrative Username and Password to log in to the router and change its settings.

Step 4

Open the Setup Page for the local area network, which will also contain settings for the dynamic control host protocol, or DHCP, server. Locate the DHCP setting that enables you to designate one or more static DNS server IP addresses. Type the local address of your router for the first DNS IP address, for example 192.168.1.1, and the two DNS IP addresses from your provider in the other DNS fields. Save your changes and reboot your router.

Restrict User Privileges

Step 1

Visit each user's computer that you're filtering through the DNS servers and log in as an administrator. In Windows 8, swipe from the right side of the screen (or if using a mouse, point to the upper-right corner of the screen) and choose Search. In Windows 7, click Start. Type gpedit.msc in the search box and press Enter.

Step 2

Select User Configuration, Administrative Template, Network and then Network Connections to open the network connection settings properties. Locate the setting labeled Prohibit Access to Properties of Components of a LAN Connection, right-click and select Edit. Choose Enabled and then select OK to save your changes.

Step 3

Open the Control Panel and select User Accounts. Choose Manage another account, select Yes to confirm, if prompted, and choose the user's account you want to change.

Step 4

Select Change the Account Type, choose Standard and then tap or click Change Account Type.

Tip

If you only want to block a few websites, many routers have basic built-in parental control or website blocking features that are more difficult to circumvent that a public DNS server. Refer to your Router's user's manual for information.

Warning

In addition to circumventing the DNS server by changing network setup parameters, a user with sufficient privileges can edit the Hosts file and enter a valid IP address for specific websites. Since the hosts file is always consulted first, when the computer finds an entry for the website, it won't search the DNS server you set up.

references