[Tutorial] Block applications from accessing the Internet with Windows Firewall

Firewall Outbound Rules

In our connected world, many applications in any given OS need to be have access to the Internet in order to operate correctly. However, just because an application can connect online does not mean it should. For instance, you may want to block the online component of games because you find them distracting or maybe because your kid is also playing and online multiplayer matches are like a crash course to swearing, something that humans should not have access to until they are ready. Regardless of your reasons, blocking any program through the Windows Firewall is a fairly standard process though the utility could certainly use a visual upgrade.

The difference between Inbound and Outbound rules

When you launch the Windows Firewall utility you will notice that there are two different sets of rules for your applications and services. Inbound rules are concerned with how an application can connect to your own computer, useful in cases when you are running a server or something similar. Outbound rules take care of apps that want to connect from your computer to somewhere else. The latter group is what you are mostly concerned about as most applications send data from your computer rather than the other way around. The process is exactly the same for both Inbound and Outbound rules, however, so this guide can help you with both.

Block any application from accessing the Internet

Though I am using Windows 10, the Firewall utility is pretty much the same in Windows 7, 8.x and Windows 10 so the steps described in this guide can be applied in all those versions of the OS.

  1. Type firewall in your Start Menu and click on the “Windows Firewall with Advanced Security” option. This is simply a quick route to the advanced version of the Windows Firewall which you can also access from the Control Panel.
  2. Click on the “Outbound Rules” item on the left sidebar and the utility will show you a list of all existing rules in that category. Windows automatically creates these entries for virtually every application with an online component and you should not touch anything here unless you know what you are doing.
  3. Click on the “New Rule” item the right-side “Actions” panel to open the “New Outbound Rule Wizard”.
  4. The Wizard should automatically select “Program” as the default rule type but double-check before clicking on Next.Firewall Rule Type
  5. In the “Program” tab, click on the Browse button and find the executable file of the application you want to block. Now, depending on where that program resides, you may need to make some changes to the program’s path. You see, Microsoft’s Firewall has the annoying tendency of automatically replacing your specified program path with environment variables. For instance, “C:\Users\Adam\Desktop\FileCluster.exe” would automatically be replaced by “%USERPROFILE%\Desktop\FileCluster.exe”. And while this is generally a great feature, it instantly breaks Firewall rules for an unknown reason that the company has not deemed worthy of a fix. In these cases, you will need to manually alter the entry in “This program path” with the exact location. Once everything is set up nice and proper, move on to the next tab.Firewall Program Path
  6. Ensure that the “Block the connection” option is selected and click on Next.Firewall Action
  7. Select the type of network connection the rule will apply to. For instance, you may want to allow an application to go online in your home connection but block it in your office. At least one has to be selected but you can choose any combination. If you do not care about allowing the app in specific networks then you should just select all three.Firewall Profile
  8. For the final step, give your rule an appropriate name. Make sure it is something you can easily distinguish as navigating the list of firewall rules is no one’s idea of fun. You can also add an optional description which may be helpful in case you forget what the rule is all about. When you are done, click on Finish to create the new rule and close the Wizard.Firewall Rule Name


Windows Firewall rules are applied instantly so you will not even have to restart your computer. You can immediately check whether the rule is successful or not by running the application and seeing if it actually connects to the Internet. To remove your applied restrictions, head back to the rule you created in Windows Firewall and double-click on it.

Firewall Rule Properties

In the “General” tab, select the “Allow the connection” option and click on OK. Alternatively, you can simply delete the created rule or disable it by right-clicking on it and select the appropriate option.