[SOLVED] Looking to block internet browsers on a business pc

Toggle sidebar Toggle sidebar
S

ShadowS988

Reputable
Jul 26, 2016
26
0
4,530
Hey all I’m setting up work PCs for my business and in need to disable internet browsers so they can’t go on the internet. The pc needs to be connected to talk to a server but I would like it so they can’t go on a web browser.
 
Solution
Math Geek
right i use portable apps to get around all the blocks on the school pc's i had to use. so a local policy on each pc is not really going to stop someone who knows what to do. it's easy to go around any of those policies.

as UAFRet noted, allow a specific server ip at the border device and block all others. not they can fire up whatever they want and it's not going to connect to anything but that one single ip. the vpn idea is also a VERY good idea for pc's that are connecting from outside the local network. much more secure than simply logging by password or whatever.
Sort by date Sort by votes
USAFRet

USAFRet

Titan
Moderator
Mar 16, 2013
171,278
17,810
184,590
ShadowS988 said:
Hey all I’m setting up work PCs for my business and in need to disable internet browsers so they can’t go on the internet. The pc needs to be connected to talk to a server but I would like it so they can’t go on a web browser.
Click to expand...
Do you want to block browser functionality, or do you want to block internet access?
They are not quite the same thing.
 
  • Like
Reactions: Krotow
Upvote 0 Downvote
S

ShadowS988

Reputable
Jul 26, 2016
26
0
4,530
USAFRet said:
Do you want to block browser functionality, or do you want to block internet access?
They are not quite the same thing.
Click to expand...
I would like to block all web browsing so the standard account can’t use a web browser to access the internet or download a web browser. I need the PCs to have internet access to talk to the server.
 
Upvote 0 Downvote
USAFRet

USAFRet

Titan
Moderator
Mar 16, 2013
171,278
17,810
184,590
ShadowS988 said:
I would like to block all web browsing so the standard account can’t use a web browser to access the internet or download a web browser. I need the PCs to have internet access to talk to the server.
Click to expand...
It seems they need LAN access, not internet access. Completely different.

Block outside traffic at the border device. Whatever router you use.
Whitelist only those systems that DO need outside access. All others, deny.
 
  • Like
Reactions: Krotow
Upvote 0 Downvote
USAFRet

USAFRet

Titan
Moderator
Mar 16, 2013
171,278
17,810
184,590
ShadowS988 said:
Thing is the server is at a different location for 2 of the PCs. Is there a option in windows to block a web browser access and installing other web browsers?
Click to expand...
A Standard user can't install anything, without the Admin password.
Again, you block or allow traffic at your border device. Not the individual systems.

"Systems A, B, and C can only connect to IP address <whatever the server is>. Deny all other outside access."
Also, look into VPN. Virtual Private Networking. It creates a tunnel to your outside server, and everything appears as being on the same "LAN".


It sounds like you need some onsite consulting, from a local networking person.
 
Upvote 0 Downvote
H

hotaru.hino

Glorious
Sep 1, 2020
9,518
3,459
46,090
You can still install applications without admin privileges as long as they don't try to install in a protected directory (like Program Files) and/or write to the registry. For example, Portable Apps. Also Discord and Chrome do local account installs.

But yeah, would agree this would be easier to do on the network level.
 
Upvote 0 Downvote
USAFRet

USAFRet

Titan
Moderator
Mar 16, 2013
171,278
17,810
184,590
hotaru.hino said:
You can still install applications without admin privileges as long as they don't try to install in a protected directory (like Program Files) and/or write to the registry. For example, Portable Apps. Also Discord and Chrome do local account installs.

But yeah, would agree this would be easier to do on the network level.
Click to expand...
Well, yeah...PortableApps. Run with no install at all, direct from a USB.
 
Upvote 0 Downvote
Math Geek

Math Geek

Titan
Ambassador
Oct 15, 2014
18,016
2,331
101,590
right i use portable apps to get around all the blocks on the school pc's i had to use. so a local policy on each pc is not really going to stop someone who knows what to do. it's easy to go around any of those policies.

as UAFRet noted, allow a specific server ip at the border device and block all others. not they can fire up whatever they want and it's not going to connect to anything but that one single ip. the vpn idea is also a VERY good idea for pc's that are connecting from outside the local network. much more secure than simply logging by password or whatever.
 
Upvote 0 Downvote
Solution
You must log in or register to reply here.

TRENDING THREADS

Latest posts

Moderators online

Share this page

COMPANY
RESOURCES
FOLLOW
Top Bottom