How to Block Multiple Files in a Windows Firewall

A firewall is software or hardware that checks information coming from the Internet or a network, and then either blocks it or allows it to pass through to your computer, depending on your firewall settings. A firewall can help prevent hackers or malicious software (such as worms) from gaining access to your computer through a network or the Internet. A firewall can also help stop your computer from sending malicious software to other computers.

The same thing occurs in Windows Firewall. Some applications need to connect to the internet from time to time. However, the firewall controls which .exe and .dll files on your PC can connect to the network, whether it is a domain network, a public network or a private network. By default, all application .exe and .dll files are blocked on the firewall. If an .exe file is not allowed on Windows Firewall, it will not be able to communicate over the network. This includes games that you can play over the internet or over a network connection. To set your Windows Firewall preferences, press Windows Key + R, type firewall.cpl and hit Enter, then in the window that appears click on “allow a program or feature through Windows firewall.” Here, you can change which programs are allowed, and add new executable files.

However, when you need to block or unblock more than one .exe file, and more so, on more than one PC (or if you are developing an app that needs firewall permission), then you will find the repetitive work energy-zapping. In this article we are going to show you how to block and unblock multiple .exe files that are in the same folder. For our demonstration purposes, we are going to assume the program files folder to be our target folder.

You are advised to first take a backup of your current Windows Firewall policy in case anything goes wrong. To do this: Press Windows Key + R to open Run, type wf.msc and hit Enter to open ‘Windows Firewall with Advanced Security.’ On the far right panel, click on ‘Export Policy’ and save the file. If anything goes wrong, you can import this policy.

Block and unblock .exe files from the firewall using a batch file

Through netsh (a scripting tool that allows command line prompts to modify the network settings), you can use command line prompts to change the settings on your firewall, thus allowing you to block or unblock .exe or .dll files. Since the firewall dictates incoming and outgoing connections, we have to disable both the in and out directions for our files. To do this:

  1. Open Notepad and copy the script below. Save it with a .bat extension.
  2. This is the basic script version of changing your firewall settings. You can set your target folder accordingly: replace the path “C:\Program Files (x86)\Test Folder\” with the path where the exe files are.

         rem Add an inbound and an outbound block rule for each .exe in the folder
         for %%G in ("C:\Program Files (x86)\Test Folder\*.exe") do (
             netsh advfirewall firewall add rule name="Blocked With Batchfile %%G" dir=in action=block program="%%G" enable=yes profile=any
             netsh advfirewall firewall add rule name="Blocked With Batchfile %%G" dir=out action=block program="%%G" enable=yes profile=any
         )

  3. The rule name is the name your file will display in the firewall settings, which in this case is “Blocked With Batchfile” followed by the file's path.

  1. You can also download this advanced script, which can search for exe files and add them to the Firewall block list. Place the downloaded file in the folder (source) from where the exe files should be scanned and blocked.
  2. Right click on the script and click ‘Run as administrator’ or open command prompt as administrator, browse to the folder where the file is located, and execute it by typing exeblocker.bat
  3. Your exe files will be blocked on Windows firewall. You can check this by going to the ‘Windows Firewall with advanced security’ window: Press and hold Windows Key + R, type wf.msc and hit enter.
  4. To allow exe files through Windows Firewall, just find the phrase action=block in the script and replace it with action=allow.
  5. To allow/block .dll files through Windows Firewall, just find the phrase *.exe in the script and replace it with *.dll
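
The following batch file is an added example, not the article's downloadable exeblocker.bat. It goes beyond the basic loop above: it exports the current policy before touching anything, walks subfolders, covers .exe and .dll together, and can be re-run or reversed without leaving duplicate rules. The file name fwblock.bat, the backup path and the block/unblock arguments are assumptions made for this example.

```batch
@echo off
rem Added example (hypothetical name fwblock.bat): block or unblock every
rem .exe and .dll under a folder tree with netsh.
rem Usage:  fwblock.bat block   "C:\Program Files (x86)\Test Folder"
rem         fwblock.bat unblock "C:\Program Files (x86)\Test Folder"
setlocal

set "MODE=%~1"
set "TARGET=%~2"
set "PREFIX=Blocked With Batchfile"
rem Assumed backup location; change it to suit your system.
set "BACKUP=%USERPROFILE%\firewall-backup.wfw"

rem Changing rules needs an elevated prompt. "net session" is a common
rem elevation check: it fails when the prompt is not running as administrator.
net session >nul 2>&1
if errorlevel 1 (
    echo Run this script from an administrator command prompt.
    exit /b 1
)
if "%TARGET%"=="" goto :usage
if /i not "%MODE%"=="block" if /i not "%MODE%"=="unblock" goto :usage
if not exist "%TARGET%\" goto :usage

rem Save the current policy once; restore it with "netsh advfirewall import".
if not exist "%BACKUP%" netsh advfirewall export "%BACKUP%" >nul

rem /R walks subfolders as well, which the single-folder loop does not.
for /R "%TARGET%" %%G in (*.exe *.dll) do call :apply "%%G"
echo Done. Review the rules in wf.msc.
exit /b 0

:apply
rem netsh does not de-duplicate by name, so remove rules left by an earlier
rem run before adding new ones. In unblock mode this removal is all we do.
netsh advfirewall firewall delete rule name="%PREFIX% %~1" >nul 2>&1
if /i "%MODE%"=="unblock" exit /b 0
netsh advfirewall firewall add rule name="%PREFIX% %~1" dir=in action=block program="%~1" enable=yes profile=any >nul
netsh advfirewall firewall add rule name="%PREFIX% %~1" dir=out action=block program="%~1" enable=yes profile=any >nul
echo Blocked "%~1"
exit /b 0

:usage
echo Usage: %~nx0 block^|unblock "folder"
exit /b 1
```

Because the rule name includes the full file path, unblock mode removes only the rules this script created for files that are still in the folder; rules for files that have since been deleted have to be removed by hand in wf.msc.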

You might also want to explore the options of a third party application to add .exe and .dll files; this includes Windows Firewall Controller downloadable from here or TinyWall available here.

ABOUT THE AUTHOR

Kevin Arrows

