Windows Firewall: How to Allow or Block Programs from Accessing the Internet

The most efficient way to allow a program through a Firewall is to simply tick the right option when you first launch it. Most apps that need firewall access will ask you whether you want to allow access via a Windows Security Alert prompt. Here’s what you need to do when you see it:

1. Tick “Private networks” and/or “Public networks” and click “Allows access”

   That’s it. You can easily see why this is the best method to allow an app through the firewall.

   

If you missed the Security Alert app shortly after you launched the app, you can stop Windows Firewall from blocking internet connectivity by adding it to your allowed list manually. This only takes a minute or so and is very simple through the Control Panel.

1. Press the search icon and open Control Panel

   Press the search button on your taskbar, type “Control Panel”, and click the top result.

   

2. Type “Windows Firewall” in the Control Panel search and choose “Windows Defender Firewall” in the main list
   

    

   

3. Click “Allow an app or feature through Windows Defender Firewall”

   This option will be the sidebar on the left.

   

4. Press “Change settings” in the “Allowed apps” window

   Allowing a program in Firewall requires you to provide administrator access.

   

5. Press “Allow another app…” at the bottom of the window
   

    

   

6. Next to the “Path” box, press “Browse…”
   

    

   

7. Browse to your applications .exe, click it, and press “Open”
   

    

   

8. Click the “Network types…” button in the bottom-left
   

    

   

9. Tick “Private” and/or “Public” networks and press “OK”
   

    

   

10. Press “Add” to allow the app through Firewall
    

     

    

11. Find the program in your “Allowed apps” list and make sure it’s ticked

    Press “OK” when you’re done to close the window.

    

If you previously allowed an app through Firewall but now regret it, you can rectify it by removing it in Windows Firewall settings. Thankfully, this is pretty easy to do:

1. Open Control Panel

   Press the search icon and type “Control Panel”, then click the top result.

   

2. Search Control Panel for Windows Firewall and select it from the list
   

    

   

3. Press “Allow an app or feature…” in the sidebar
   

    

   

4. Click “Change settings” and provide admin privileges
   

    

   

5. Find the program in your allowed apps list, click it, and press “Remove”
   

    

   

6. Press “Yes” to the prompt

   That’s it, the app is no longer allowed through your firewall. Doing this will not automatically block internet access to a program, but will modify how it interacts with the outside world. Depending on its function, this may stop it from working properly.

   

7. Press “OK” in the “Allowed apps” window
   

    

   

If you prefer the command-line, you can change Windows Firewall rules through Command Prompt instead. This is typically faster than jumping through the settings menu if you have the commands memorized. Here’s what you need to do:

1. Open Command Prompt as an admin

   Press the search icon on your taskbar and type “Command Prompt”, then right-click it and press “Run as administrator”. 

   

2. Use the netsh command to allow a program through Windows Firewall in Command Prompt

   Here’s an example of what you’d type to allow an app through the Firewall in Windows 11 or 10:

   netsh advfirewall add rule name="Firefox" dir=in action=allow program="C:/Program Files/Mozilla Firefox/firefox.exe" enable=yes

   You should change in quotation marks to fit the specific program you’re trying to allow. After performing this change, you should no longer receive the “security or firewall settings might be blocking the connection” error.

   

3. Use netsh to block a program in Windows Firewall

   If you’d rather block the program, the command is very similar to above. You just have to switch action=allow to action=block. Here’s what the full command looks like:

   netsh advfirewall firewall add rule name="Firefox" dir=in action=block program="C:/Program Files/Mozilla Firefox/firefox.exe" enable=yes

   Again, you should change everything that’s in quotation marks to suit the app you’re trying to block internet access to in Firewall.

   

You can also use Command Prompt to remove apps that you’ve previously allowed in your Firewall. Here’s how:

1. Open Command Prompt as an administrator

   Press the search icon on your taskbar and type “Command Prompt”, then right-click the top result and choose “Run as administrator”.

   

2. Run the show rule command to export a list of your firewall entries

   To do so, simply paste the following into your Command Prompt and press Enter:

   netsh advfirewall firewall show rule name=all >"%UserProfile%/Desktop/WindowsFirewallRules.text"

    

   

3. Open the “WindowsFirewallRules.txt” file on your desktop and find your application

   You’ll see the name of the rule you created next to the “Rule Name” field. If you’re struggling to find your rule, you can press Ctrl + F to search.

   

4. Use the netsh command to delete the firewall rule

   Once you know the name of your firewall rule you can delete it by running the following command:

   netsh advfirewall Delete rule name="yourfirewallrule"

   Naturally, you should replace “yourfirewallrule” with the name of your rule. After you receive the “Deleted x rule(s)” confirmation, you can close Command Prompt.

   

If you want to allow or block a program in Firewall using Microsoft’s more modern PowerShell tool, you can do so with the NetFirewallRule command. Here’s how:

1. Open Windows PowerShell as an admin

   The easiest way to do this is to open the hidden Start menu by pressing “Windows + X” and then clicking “Windows PowerShell (Admin)”.

   

2. Use NetFirewallRule to allow a program through the Firewall

   If you want to allow an app, your command should look something like this:

   New-NetFirewallRule -DisplayName "firewallrulename" -Direction Inbound -Program "C:/path/to/your/file.exe" -Action Allow

   Replace “firewallrulename” with whatever you’d like your rule to be called, and “C:/path/to/your/file.exe” with the path to your program’s executable. Press Enter to run the command.

   

3. Use NetFirewallRule to block a program in Windows Firewall

   If you want to block an app, your command should look something like this:

   New-NetFirewallRule -DisplayName "firewallrulename" -Direction Inbound -Program "C:/path/to/your/file.exe" -Action Block

   Replace “firewallrulename” with whatever you’d like your rule to be called, and “C:/path/to/your/file.exe” with the path to your program’s executable. Press Enter to run the command.

   

If you previously added an app to the Firewall via PowerShell but now want to remove, it the process is relatively simple:

1. Open PowerShell as an admin

   The easiest way to do this is to open the hidden Start menu by pressing “Windows + X” and then clicking “Windows PowerShell (Admin)”.

   

2. Export a list of your Firewall rules

   Before you can stop allowing a program in Firewall you need to know its rule name. You can obtain this by exporting a list of all of your Firewall rules to your desktop. Just run the following command to do so:

   Show-NetFirewallRule | Out-File "$env:userprofile/Desktop/WindowsFirewallRules.txt"

    

   

3. Open “WindowsFirewallRules.txt” from your desktop and find your rule name

   The rule name will be in the column next to the “DisplayName” label. Note it down ready for the next command.

   

4. Remove the rule with PowerShell

   Now that you know the rule name, it’s a simple process of running the following command:

   Remove-NetFirewallRule -DisplayName "YourRule"

   Naturally you need to replace “YourRule” with the name of your actual rule.