Use a blocking rule to prevent specific websites from accessing your site.
Use a blocking rule to prevent specific websites from accessing your site.
There’s a simple method using your router settings to restrict access to specific domains. You can configure your modem or router to block traffic for the targeted domain, which will prevent websites from loading even if you use third-party tools.
Routers usually lack these capabilities; consider using a Pi-hole instead.
My old Asus Wi-Fi router let me restrict a small set of domain names. I used it well before to block all MS servers for updates. The issue is routers rely on IP addresses, so they need translation. Manually entering IPs isn’t stable if they change. Another approach is modifying your local "hosts" file—a manual map linking domains to IPs. Point the domain to a non-existent address, like 127.0.1.1 (assuming no web server). This makes access to those domains fail. The downside is no wildcards are available; you’d need to list every possible subdomain. On Windows, security might flag changes to this file as suspicious and block it, requiring a whitelist instead.
By default, blocking operates through IP addresses, meaning stopping one domain will affect all others linked to that IP. Tools like PiHole allow you to bypass this by spoofing DNS for the domain, redirecting traffic to PiHole’s IP or displaying a blocked notice. This method is more challenging now because domain certificates often don’t match, but it still stops the site from functioning. Using the local hosts file is another option, though it must be applied on every device, making it unsuitable for phones or tablets without a desktop OS.
@Winterlight I suggest, as previously mentioned, to visit https://pi-hole.net if you wish. This site offers helpful details about DNS and Cloudflare, which collects your domain queries and trades that data for profit without your permission. https://1.1.1.1 I own a simple configuration on my computer, but if you have a laptop—especially one with a removable battery (a clever idea, though it risks damaging the battery by keeping it at full charge or constantly charging it at high voltage)—or another device that can operate all day, pi-hole remains a solid local choice. If the above seems too technical, try setting up: https://NextDNS.io. This method supports IPv6 addresses for DNS or a linked IPv4 address, though the latter is unclear and not well explained. Another advantage of NextDNS is full control over what content is allowed or blocked, regardless of device type. On smartphones (especially Android), you can enable DNS-over-HTTPS using your NextDNS account in recent versions, even if the app is outdated and requires third-party tools. If you’re unsure about the process, consider paying for their service.
Connecting any wireless device to NextDNS enables cellular and Wi-Fi tethering features. If your carrier offers these services, they’ll force connected devices to use your chosen DNS provider. You can also set up a cellular DNS provider via an app on Android, bypassing the need to configure it directly on the network side.
Pi-hole is worth considering because it lets you block or allow websites with ease and works across all devices. It’s simple to install—just download Oracle VirtualBox, set up a Debian or Ubuntu system, and follow the instructions. You can manage settings from a web interface accessible to everyone on your network. For memory management, start with 1GB or 864MB, and adjust as needed. The installation is straightforward, using default configurations that require minimal space.
Once configured, you only need a root filesystem partition and possibly a swap file for performance. It’s impressive how much memory usage can drop by blocking tracking domains. In virtualbox, select bridged networking over NAT to properly route DNS traffic. Remember, choosing IPv6 or IPv4 depends on your router’s capabilities, but IPv6 is generally preferred for modern setups.
If you need further guidance, the Pi-hole documentation offers detailed steps, including handling Unbound for caching and managing DNS settings. This approach ensures strong privacy and control over your online traffic.
@Falcon1986 shared their thoughts on the uncertainty of knowing if a router supports a specific setting without details about the device. They emphasized clarifying the user's purpose and goals. It’s important to understand whether the aim is to restrict domain names, protect the network, enable parental controls, or provoke others online. For effective questioning, refer to the suggested resources. Remember, no security measure can guarantee 100% protection against all access attempts, especially with determined users finding workarounds. Parental controls should complement, not replace, responsible parenting.