Tips and Tricks Using the Windows Hosts File
As you may be aware, Windows and most other operating systems, have a hosts file that essentially acts as an internal domain name system (DNS). Before querying an external DNS for the IP of the domain name you’re trying to visit, the operating system checks the hosts file for the domain, and if found, the browser gets the content from the IP address of the server that’s indicated. This allows you to utilize the hosts file for website redirection, blocking, and filtering.
Opening the Windows Hosts File
You can use a simple text editor, like Notepad, to open and modify the Windows hosts file. However, you'll likely have to open the editor with administrative privileges to make edits. So in Windows 7, click the Start button, type notepad, right-click Notepad in the results, and select Run as administrator.
In Windows 8 or 8.1, you must first exclude the hosts file from the scanning of Microsoft's default antivirus, Windows Defender, if you don't have a third-party security solution installed. This is because Windows Defender will likely detect changes to the hosts file as malicious and revert the changes. So open Windows Defender, click Settings, select Excluded files and locations, and then add the hosts file to the exclusion list, which is at: C:\Windows\System32\drivers\etc. Once done, open Notepad: hit the Win key, type notepad, right-click Notepad in the results, and select Run as administrator.
In either Windows version, you can find the hosts file inside the following directory: C:\Windows\System32\drivers\etc. If you don't see it, ensure you're viewing All Files instead of just TXT files.
Tips on Editing the Hosts File
Once you have the hosts file open you'll see most default text is comments, those lines beginning with the pound (#) sign. After making changes to your hosts file, consider inserting your own comments so you’ll know what the entries are for.
Inserting a redirect into the hosts file is simple. Just enter the IP address of the desired server or host, leave a single space, and then enter the domain or hostname you want to point to that IP. Enter only one redirect per line.
When redirecting a real website URL, you should include one redirect with the www and another without, to ensure both will be redirected to your desired IP.
When redirecting a custom hostname (rather than a real website), it’s a good idea to add an extension (such as .com) even though not required. This is because some web browsers will think you’re trying to perform a search if a domain extension isn’t included and will return search results instead of taking you to the IP you’ve designated.
In the next sections, I’ll discuss how to make specific modifications.
Website Redirection or Blocking
You can use the hosts file to redirect or block websites users try to visit. For instance, if you don’t want them on Facebook, you can redirect facebook.com to your company site. If the IP address of your company server is 188.8.131.52, you’d enter the following lines:
Or if you’d simply like to block Facebook without redirecting to another site, you can enter all zeros for the IP:
This would cause a DNS error and depending upon the browser, the user may see a DNS error page or a search page with results related to the domain they’re trying to visit.
Internet and Intranet Shortcuts
You could also use the hosts file to create shortcuts to websites or internal sites or services, such as your company site or the web-based interface of your router and other network components.
For instance, to add the shortcut of “router.com” to point to your router’s IP address of 192.168.1.1:
Though you could just use “router” as the hostname, again some browsers won’t treat that as a domain name and redirect to search results. Adding an extension ensures this won’t happen.
If the PC has a web server enabled, such as Microsoft’s built-in Internet Information Services (IIS), and you want to redirect a website or hostname to the local server you can redirect to the localhost IP of 127.0.0.1.
You can also use the hosts file as a way to perform content filtering and ad blocking. If you have just a handful of sites you’d like to block you can input them manually like already discussed. However, there are third-party lists of sites and domains.
The MVPs site for instance has a list that blocks hundreds of sites and domains that host ADs, third-party cookies, adware, spyware, and hijackers. You could copy and paste the list into your hosts file or use their batch file to replace your hosts file for you. This list redirect these unwanted domains to an IP of all zeros. Again, this triggers a DNS error and the user may see, depending upon the browser, an error page or a search page with results related to the domain they’re trying to visit.
A word of caution: As discussed next, the hosts file can certainly be used for malicious purposes. Before using a list of redirects found on the web, you should ensure it’s from a legitimate source. You don’t want the list to be redirecting you to phishing and other dangerous sites.
Beware, the hosts file can also be used maliciously. Adware, PUPs, viruses, and other malware could insert redirects to cause annoyance, perform phishing, and even hijack websites. These types of attacks are dangerous since the URL of a website you’re trying to visit could appear correct but the site content can come from another page or site.
For instance, if there’s a redirect in the hosts file for your banking site that points to a dummy page that’s replicated the look and feel of the real site, you could be tricked into logging in and handing over your credentials.
To help prevent hijacking or unauthorized changes to the hosts file, consider making it read-only. Simply navigate to the hosts file with Windows Explorer: C:\Windows\System32\drivers\etc. Then right-click the hosts file, select Properties, check the Read-only Attribute, and click OK.
We discussed how to access and open the Windows hosts file with administrative privileges so we could make changes. Remember, it’s a good idea when redirecting websites to include an entry with and without the www of the URL. Also, when creating custom hostnames, include a domain extension.
If using the default antivirus in Windows 8 and 8.1, Windows Defender, remember you should first exclude the hosts file from scanning so it doesn’t stop you from making changes.
Always remember, one redirect entry per line and precede lines with the pound sign (#) if typing in comments. When you’re done making modifications, consider implementing the Read-only attribute on the hosts files to help lock it from any malicious changes.
Though the hosts file and editing process is fairly straightforward, if you ever break it or otherwise need to revert back to the default configuration, keep in mind Microsoft offers a Fix-It solution for that.