Terms of Use For FixedByVonnie

By proceeding to access fixedByVonnie.com, you expressly acknowledge, and agree to, all of the following:

fixedByVonnie.com is a personal website and blog owned by Security Plus Pro LLC, which is being presented for informational purposes only. The views on this website are solely those of the website owner (and not those of any employer or of any professional associations affiliated with the website owner).  Any views expressed in this website and any information presented on this website, or in any of its blog entries, should not be relied on for any purpose whatsoever other than as the personal opinions of the website owner.  The website owner expressly disclaims any and all liability for any information presented on this site.  The owner of this website and its blog posts shall not be held liable, and shall be held harmless, for any errors or omissions in any information or representations contained in this website, or in any of its blog entries.  The website owner also expressly disclaims any liability for the current or future availability of any such information. The website owner makes no representations as to the accuracy or completeness of any information on this website or which may be found by following any link on this website. The website owner shall not be held liable for any losses, injuries, damages, claims, or causes of action, from the display or use of any information on this website or in any of its blog entries. If you use the information on this website, or on any of its blog entries, you do so solely at your own risk.

How to create advanced rules in the Windows Firewall - fixedByVonnie

How to create advanced rules in the Windows Firewall

Forget all the third-party firewall tools out there that promise to protect your PC.  The Windows Firewall is advanced enough and has everything you need.

Today I just want to show you how to block a specific application from running and show you what you can do.

Let’s be honest: the Windows Firewall tool is intimidating.  It’s not for children under the age of 35.  Its not very user friendly and therefore sometimes it’s easier to look for a third-party solution.

There’s a dizzying array of panes, rows and rules.  There’s also a vertiginous variety of settings.  How do you know where to start?

Start with fixedByVonnie of course! haha so check it out – let’s launch this thing.


 

Press the Windows Key and type "firewall" or if you’re on a Windows 8/8.1 PC press the Windows logo Key + w and enter firewall.

Say Hi to your Windows Firewall.

Say Hi to the Windows Firewall

The first thing you’ll notice are three security profiles:

  • Domain Networks
  • Private Networks
  • Guest or Public Networks

So the Windows Firewall is way smarter than a box of bricks.  It can detect when you’re connected to a specific network and then apply specific rules only to that network.

So if you’re in the workplace attached to the corporate domain network you’ll get a specific set of restrictions but when you go home and connect to your private network you can have a different set of restrictions.  The other profile labeled “Guest/Public Network” is best for when you’re using an untrusted network such as from a hotel lobby, coffee shop or airport terminal.

I should also mention that you can apply multiple profiles to a single application.  So you can permit Google Chrome on the Private and Guest networks but forbid it on the corporate network.


 

By default Windows will block all inbound connections and allows outbound requests.

This means the mendacious cartel of hackers half way around the globe can’t infiltrate your PC without getting kicked in the groin by the Windows Firewall.

If you just want to start blocking and allowing specific applications, click Allow an app or feature through Windows Firewall in the upper left corner of the window.

Firewall Allowed Apps

Now you can sift the list and pick which profiles should allow access.

Incidentally, it’s always safer to allow an app than a port because closing the application closes the firewall hole.  If you allowed the port instead then it could remain open even after the application assigned to use it stops running.

The Allowed Apps list in the Windows 8.1 Firewall

Let’s dive into some advanced configuration.

By the way, I’m running on zero hours of sleep so if this post is incoherent – that’s why.  You’ve been warned.  Having a new born son will do that to ya.

Click Advanced Settings which is located in the middle of the left pane of the main Firewall screen.

This will open a byzantine mess of policies, profiles and rules that might give you the runs. (assuming you had prunes for lunch)

All three blocking profiles are displayed in the middle pane.  They’re flanked on both sides by your rules and actions.

If you click Windows Firewall Properties in the center pane you can really tune the behavior of all three profiles.

Welcome to the Windows Firewall with Advanced Security

For example, each tab along the top corresponds to a firewall profile.

Here you can completely disable specific profiles.  You can also change the behavior for inbound, outbound and protected network connections (stuff like your Bluetooth networks).

Advanced Security Settings in the Windows Firewall

If you notice certain applications stopped working that you wanted to keep running you can always dive head first into the logs.

%systemroot%\system32\LogFiles\Firewall\pfirewall.log

Rules rule

Click the type of rule you want to create from the left pane (Inbound, Outbound, etc) and then choose New Rule… from the right pane.

Sounds like a bad dance.  Put your left hand here, put your right hand there, shake your ass and then do a little shout.  Okay that made no sense – let’s continue.

Create a new firewall rule

You basically get four rule options:

  • As you guessed, Program lets you allow or deny a specific program.
  • Ports lets you pick TCP or UDP ports.
  • Predefined are like Windows presets; basically pre-configured rules for popular devices.
  • Custom gives you maximum control over every last detail of the rule.  Unless you’re the OCD type you probably won’t be using this one.

The steps listed in the left pane change depending on the rule you choose in the right pane.  So when I choose Program, I see a Program step but if I choose Custom I get Program, Protocol, Ports and Scope steps.

New inbound firewall rule

If I wanted to stop people on this computer from running Google Chrome I could simply browse to the Chrome executable and click Next.

Firewall Program Path

Now we’re ready to tell the Windows Firewall to kick Chrome in the pants.

Allow the connection assumes we’re already blocking everything.  This would be like creating an exception for one app.  Let’s block it for now.

Blocking a connection in the Windows Firewall

Now we just pick all relevant profiles…

Pick your Firewall profile

And give your rule a meaningful name before clicking Finish.  This is the same name that will appear in your rules list so make sure you can easily find it.

Name your Firewall rule

That’s it.  Now you can delete the rule, clone it or keep it around in a dormant state.

Windows Firewall Rules rock

Alright I’m going to take a nap, I’m seriously about to pass out.  Leave a comment and I might respond when I wake from my coma.

About

Connect with Vonnie on Twitter

Posted in Windows, Windows 7, Windows 8, Windows 8.1 Tagged with: , ,