• Creator
  • #2153047

    Restricting a Website for multiple users on a domain


    by artanyis ·

    I’m fairly sure this has been covered before, but I cant find a tread with the information that I need. One of my customers needs a way to block a few specific web sites for multiple users across the domain. His current security software only allows for custom program and port access, not specific web sites. So, I’m looking for a way to do this either through a GPO that I don’t know about or if anyone knows a good software for this, that would also work. My customer said he is willing to pay for new software.

All Answers

  • Author
    • #2931601


      by artanyis ·

      In reply to Restricting a Website for multiple users on a domain


    • #2931595


      by clarkd038 ·

      In reply to Restricting a Website for multiple users on a domain

      is what we use. It may be a little more in depth than they are looking for however. We block just about all web sites other than work related. But it also tracks each user and what they are looking at in real time. And you can then restrict those sites if you find out they are looking at something inapropriate for the work setting.

    • #2930220

      Host file or Local DNS

      by rich ·

      In reply to Restricting a Website for multiple users on a domain

      You could add a local host file with the website URL redirected to or if your customer is running local DNS, you can add a local record that redirects the request to the customers own corporate website or a custom page explaining why the site was blocked.

    • #2930208

      Few ways to skin the cat

      by notsochiguy ·

      In reply to Restricting a Website for multiple users on a domain

      Depending on what you had in your environment, and what $$$ you had to spend, you could:

      Use VLans on the switch to control access through a firewall (i.e. VLAN can access IP address, but users on cannot)

      Get a hardware-based filtering (Barracuda, St. Bernard, etc) device

      Put the users you’re looking to restrict into a new OU, and then create a GPO for the OU adding the restricted sites into the Restricted Site zone…but that only works if you are an IE only shop); you can also take a similar approach in setting up a proxy server

      Add some sort of web monitoring (like others have mentioned, Websense/Surf Control works well) software

      Depending on NAV/Spyware/client firewall software you use, you may be able to create a policy to block access to the site on a per user basis (the problem I’ve had with this approach is that the error messages are usually cryptic, at best…so you’ll get more help desk calls)

      Whatever you decide to do, make sure you double-check the effectiveness by testing the sites by IP address access, by TinyURL access, and by proxy access (like Google language translator). Depending on how critical it is to block the sites, and what you’re specific needs are, you may find that you’ll need to go the third party software/hardware route to maximize effectiveness (especially if you are talking about somewhat tech-savvy users).

      Best of luck!!

Viewing 3 reply threads