Useful little batch scripts to keep people from visiting certain websites
Logon batch script | Logoff batch script
Example HOSTS file | Example restricted HOSTS file
I use these babies to keep one of my little brothers from being able to play Facebook games, or accessing any Facebook apps, without restricting access to the rest of the site.
These logon/logoff scripts simply change the name of the user's HOSTS file. That's all. The logon script changes the name of the original unrestricted HOSTS file to the name of another HOSTS file specifying the URLs of any websites you wish to restrict access to. The logoff script changes the names of both HOSTS files back to normal.
How to use:
Create a new text file in c:\windows\system32\drivers\etc\, but name it something other than
HOSTS (almost anything else will do). I suggest you copy and rename the existing HOSTS file and
make sure you remember the new name. I have supplied two example HOSTS files above that will work
with the batch scripts just like that. You should probably only use them if you don't have a HOSTS
file already. Mine has many entries blocking access to potentially harmful sites (sites containing
spyware etc). Yours may too, and it's best not to get rid of those entries. Some programs, such as
Spybot Search & Destroy, will automatically add entries for known 'bad' sites.
Ok so now you should have two identical HOSTS files but with different names. (One of them should still
be called HOSTS though. Strictly speaking, that means the other one isn't really a HOSTS file.)
Anyway, open the one you renamed, and on a new line at the end of the file add
'127.0.0.1 URL_of_site_you_want_to_block', without the quotation marks, and replacing
'URL_of_site_you_want_to_block' with (guess what?) the URL of the site you wish to block. Follow the
examples if you need to. And make sure the first uncommented line of the file (ie without a '#' at the start)
looks something like '127.0.0.1 localhost'. As long as it has those two elements in that order it should
be okay. You can add as many URLs as you like, but each one has to be on a new line, preceded by 127.0.0.1
and a single space. Requests to these URLs will be redirected to your own computer, and will return
an empty response, and no webpage.
You should also set the permissions on both HOSTS files to read-only. This helps prevent nefarious programs
from messing with them.
Now edit the batch scripts in a text editor, replacing 'HOSTS-Restricted' in each one with whatever you
named the new HOSTS file.
Run gpedit.msc (just click Start, then select Run... and type gpedit.msc at the prompt.) Then
select User Configuration|Windows Settings|Scripts (Logon/Logoff). Select logon, then Add... and
navigate to logon.bat. And for logoff, Select logoff, then Add... and navigate to logoff.bat. Simple.
Now if you have done everything correctly, you should have prevented access to the selected websites for
any user accounts you have put the logon and logoff scripts on.
Of course you can use this method to restrict access to pretty much any site, but...
There are a couple of problems with this method you should note -
i.e. if the user doesn't log off, noone will have access to the restricted sites until the user does log off. Also, it's not a hugely robust method, and relies on the user not figuring out what you've done and fixing it.
