Options
Group Policy question about IE
I need to accomplish this task - but in a non-conventional way.
I need to block a website. However, I still need to allow traffic to that website. I need to prohibit users from opening IE and typing in www.site.com, but because one of our applications uses that site, traffic needs to be allowed...so I cant just blacklist it on the firewall.
We have a rather large number of users as well, so I cant edit all their hosts files to a dummy site.
I would like to do this with group policy, but Im having trouble finding one to accomplish this task.
Any suggestions?
I need to block a website. However, I still need to allow traffic to that website. I need to prohibit users from opening IE and typing in www.site.com, but because one of our applications uses that site, traffic needs to be allowed...so I cant just blacklist it on the firewall.
We have a rather large number of users as well, so I cant edit all their hosts files to a dummy site.
I would like to do this with group policy, but Im having trouble finding one to accomplish this task.
Any suggestions?
Comments
-
Options
Essendon
Member Posts: 4,546 ■■■■■■■■■■
I have this bookmarked. Chrisse.se - How to restrict internet access Domain wide or for a single Site or OU with Group Policies
HTH. -
Options
blargoe
Member Posts: 4,174 ■■■■■■■■■□
If the application that uses the site does so from the back end server (not the client workstation actually being the computer from which the website is accessed), you could put in a zone in your internal DNS for that site's domain and redirect that host to 127.0.0.1... and then put a host file on the application server to point the traffic coming from the server in the right direction.
Otherwise... I'm drawing a blank.IT guy since 12/00
Recent: 11/2019 - RHCSA (RHEL 7); 2/2019 - Updated VCP to 6.5 (just a few days before VMware discontinued the re-cert policy...)
Working on: RHCE/Ansible
Future: Probably continued Red Hat Immersion, Possibly VCAP Design, or maybe a completely different path. Depends on job demands... -
Options
Michael.J.Palmer
Member Posts: 407 ■■■□□□□□□□
What Essendon posted is how I'd do it through GP, just do a gpforce after that and it should force your new policy out to your client machines. That should prevent them from accessing the site through IE and the application should in theory still be able to access it... couldn't imagine how it wouldn't be able to, though I guess it does depend on the app and what it does.-Michael Palmer
WGU Networks BS in IT - Design & Managment (2nd Term)
Transfer: BAC1,BBC1,CLC1,LAE1,INC1,LAT1,AXV1,TTV1,LUT1,INT1,SSC1,SST1,TNV1,QLT1,ABV1,AHV1,AIV1,BHV1,BIV1
Required Courses: EWB2, WFV1, BOV1, ORC1, LET1, GAC1, HHT1, TSV1, IWC1, IWT1, MGC1, TPV1, TWA1, CPW3.
Key: Completed, WIP, Still to come -
Optionsbrad-
Member Posts: 1,218
I have this bookmarked. Chrisse.se - How to restrict internet access Domain wide or for a single Site or OU with Group Policies
HTH.
TYVM!