How to Block Bad Sites with “etc/hosts”

Kevin ArrowsUpdated on April 30, 2023
Kevin is a certified Network Engineer

Whether you keep track of big iron machines that need to get locked out of potential threats or simply administer your own laptop and want to block out something harmful, you can lock out any Web address via the  file.  This file defines which resources should be redirected toward some other IP address. While not its original intended use, this file can thus be used to redirect threats somewhere innocuous.

All addresses in the file are formatted with an IP address followed by whatever pointer indicates the original resource. Anything that attempts to access said resource would first check the hosts file to see where it should get redirected before loading it. Since doing this involves editing a critical system file, its best to first make a backup of  before editing it in case anything were to go wrong.

Redirecting Harmful Links to Innocuous Resources

Presume that nastysite.bad, which does not exist in reality, represents a nasty Website that you wish to block out. At the Linux CLI prompt, type either sudo nano  or sudo vi  to edit the hosts file from a text interface, or perhaps gksu gedit  to edit it graphically. You could also use another graphical editor like mousepad or leafpad to do so, but make sure to use gksu when requiring root access with a piece of graphical software. Enter your administrator password to continue. You can then add two lines to block nastysite.bad out of your system:

0.0.0.0 nastysite.bad

:: nastysite.bad

The first blocks it from legacy IPv4 access and the second blocks it from modern IPv6 access. Make sure the file doesn’t read [Readonly] or something else at the bottom or in the title bar before saving, otherwise your work won’t actually be saved.

System administrators tend to debate where the correct area to add the block lines in a hosts file is. You will more than likely have a line stating the following:

# The following lines are desirable for IPv6 capable hosts

Some administrators would encourage you to add any user-created lines above this comment. Others insist that user-created lines should only be added after whatever line is last in the generated  file. Regardless of where you’d like to add them, make sure to add a line above them that’s been commented out so you know what you’ve blocked.

For instance, if you were trying to block the example line above, then script the file as such:

# Added Block Line on 12/10

0.0.0.0 nastysite.bad

:: nastysite.bad

Edits to the hosts file may take place immediately or after a restart. It depends on your local configuration. Once again please be sure to make a backup copy of , so if you were to make any mistake you can simply overwrite your errant file with this original and thus avoid any Internet connectivity problems.

Kevin ArrowsUpdated on April 30, 2023
Kevin is a certified Network Engineer
ABOUT THE AUTHOR
Photo of Kevin Arrows

Kevin Arrows


Kevin Arrows is a highly experienced and knowledgeable technology specialist with over a decade of industry experience. He holds a Microsoft Certified Technology Specialist (MCTS) certification and has a deep passion for staying up-to-date on the latest tech developments. Kevin has written extensively on a wide range of tech-related topics, showcasing his expertise and knowledge in areas such as software development, cybersecurity, and cloud computing. His contributions to the tech field have been widely recognized and respected by his peers, and he is highly regarded for his ability to explain complex technical concepts in a clear and concise manner.