OPNsense Forum

English Forums => General Discussion => Topic started by: kinghnvn on January 13, 2021, 05:01:53 am

Title: How to block a website / URL [SOLVED]
Post by: kinghnvn on January 13, 2021, 05:01:53 am
Hi all,

How to block a website / URL?
Could you please teach me the detailed steps?

E.g. I want to block this URL https://www.bbc.com
Title: How to block a website / URL
Post by: Greelan on January 13, 2021, 05:37:14 am
I assume you want to block clients on your LAN from accessing that URL?

If so, one way is:

Create a Host(s) Alias for www.bbc.com

Then create a firewall rule on the LAN interface, Action Block (or Reject), IP versions IPv4+IPv6, protocol TCP, source any, destination the Alias created above, destination port HTTPS (you can also block HTTP if you want - easiest way to do both would be to create a Port(s) Alias for both HTTP and HTTPS and use that Alias for the destination port in the firewall rule)

Make sure the rule is above the Allow LAN to any rules in the list
Title: Re: How to block a website / URL
Post by: kinghnvn on January 13, 2021, 06:05:54 am
I have tried, but I can still access www.bbc.com :)

Please find the attached files and have a look.

Thanks.
Title: Re: How to block a website / URL
Post by: Greelan on January 13, 2021, 06:12:12 am
Look where your block rule is placed...
Title: Re: How to block a website / URL
Post by: kinghnvn on January 13, 2021, 06:50:50 am
Make sure the rule is above the Allow LAN to any rules in the list -> OK, thanks Brother.
Title: Re: How to block a website / URL [SOLVED]
Post by: mihak on January 14, 2021, 03:25:24 am
Large websites like BBC.com use more than just one IP address, so the advice above will work only when DNS resolution of bbc.com returns that specific IP address you put into the rule. You are in for a game of whack-a-mole if you hope to block large global websites by their IP addresses...

See my other post related to Netflix for how to approach blocking with Sensei or DNS.
Title: How to block a website / URL [SOLVED]
Post by: Greelan on January 14, 2021, 03:29:30 am
The advice above was to specify the URL (domain, not IP) in the Alias, which creates a table of all IPs to which that URL resolves, which by default is also updated every 300s
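
Added example (not part of the original thread, and not OPNsense code): a small Python model of the two points discussed above, rule order and a Host(s) alias expanding to a table of every address the name resolves to. The DNS answers, addresses and function names are constructed for illustration, and first-match rule evaluation is an assumption of the model.

```python
import ipaddress

# Constructed DNS answers using documentation address ranges (not real BBC addresses).
DNS_T0 = {"www.bbc.com": ["192.0.2.10", "192.0.2.11", "2001:db8::10"]}
# Constructed answers at a later time: the site has added one more address.
DNS_T1 = {"www.bbc.com": ["192.0.2.10", "192.0.2.11", "2001:db8::10", "203.0.113.5"]}

def resolve_alias(hosts, dns):
    """Expand a Host(s) alias into the table of every address its names resolve to."""
    return {ipaddress.ip_address(a) for h in hosts for a in dns.get(h, [])}

def evaluate(rules, dst, port, proto="tcp"):
    """Return the action of the first matching rule (assumed first-match), else block."""
    dst = ipaddress.ip_address(dst)
    for rule in rules:
        if rule["proto"] not in (proto, "any"):
            continue
        if rule["dst"] is not None and dst not in rule["dst"]:
            continue
        if rule["ports"] is not None and port not in rule["ports"]:
            continue
        return rule["action"]
    return "block"

def block_rule(table):
    """Block TCP to the alias table on a Port(s) alias covering HTTP and HTTPS."""
    return {"action": "block", "proto": "tcp", "dst": table, "ports": {80, 443}}

ALLOW_LAN_ANY = {"action": "pass", "proto": "any", "dst": None, "ports": None}

def ruleset(dns, block_first=True):
    """Build the LAN ruleset with the block rule above or below 'allow LAN to any'."""
    block = block_rule(resolve_alias(["www.bbc.com"], dns))
    return [block, ALLOW_LAN_ANY] if block_first else [ALLOW_LAN_ANY, block]

if __name__ == "__main__":
    # Block rule below the allow rule: the allow rule matches first.
    print(evaluate(ruleset(DNS_T0, block_first=False), "192.0.2.11", 443))
    # Block rule above the allow rule: every resolved address is blocked.
    for addr in ("192.0.2.10", "192.0.2.11", "2001:db8::10"):
        print(addr, evaluate(ruleset(DNS_T0), addr, 443))
    # Table built from older answers: the new address passes until the alias refreshes.
    print(evaluate(ruleset(DNS_T0), "203.0.113.5", 443))
    print(evaluate(ruleset(DNS_T1), "203.0.113.5", 443))
```

In this model an address the alias has not yet resolved passes until the table is rebuilt, so clients are only blocked for the addresses known at the last refresh.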