Allow Access to Only One Website

  • Thread starter Thread starter Karl Burrows
  • Start date Start date
K

Karl Burrows

Is there a way to setup something like and ACL (Access Control List) to
allow a computer in a network to only be allowed access to one Website only.
No other computers, no email, etc. I am setting up a sales station and it
would only be allowed to our Website. I am using a simple NetGear wireless
router (current version). I can see where you can block certain sites or
keywords, but nothing that would be reverse of that. Computer is XP Pro
SP2.

Thanks!!
 
Hi, Karl -

Do you have control of the webserver? If so, what about configuring the
webserver to listen on an additional port and blocking port 80 (http), port
25 and 110 (email) and so on at the router?

For instance, if your webserver is configured to listen on both port 80 (the
standard web port) and say, port 76 (I just made that one up) then your
shortcut on the sales workstation could point to http://yoursite.com:76 and
as long as that port was open on the router the guy could get through to the
company website but no others :)

For IE security only you could put all sites in the 'restricted sites' zone
on the workstation and then put your sales site in the 'trusted sites' zone,
but that wouldn't affect email at all - only web browsing.

Just a couple of ideas here - I'm sure there will be others.

good luck!
 
it is possable... peer guardian (methlabs.org) in the block list, put a
range of addresses that doesn't include your range of address you want to
access and save the file.

KK
 
You can use something like WinProxy = www.ositis.com with a *White List*
that only allows the sites on your list. This provides a pretty good way to
do what you want.

I've used it running on a firewall computer to keep the websites available
on the LAN down to a critical few.
How it works in firewalling the WinProxy computer itself is subject to
settings, etc. and you should verify that you can do what you want.
Then, perhaps you would want to make the WinProxy settings unreachable with
a password or some such....

Fred

I've not tried it
 
Is there a way to setup something like and ACL (Access Control List)
to allow a computer in a network to only be allowed access to one
Website only. No other computers, no email, etc. I am setting up a
sales station and it would only be allowed to our Website. I am using
a simple NetGear wireless router (current version). I can see where
you can block certain sites or keywords, but nothing that would be
reverse of that. Computer is XP Pro SP2.

Thanks!!
Click to expand...

Sure, although probably not with just that router. The simplest solution
would be to upgrade to a router that allows ACL's. Any cisco router with
2 ethernet interfaces will work just fine. The loswet cost current model
is probably the 831, but there are plenty of lower cost older models
available on ebay.

As an alternative you could place another PC between your client
PC and the router and configure it as a router with only one route or as
a firewall using ipchains, iptables or a freeware firewall like
smoothwall as well.
 
Is there a way to setup something like and ACL (Access Control List)
to allow a computer in a network to only be allowed access to one
Website only. No other computers, no email, etc. I am setting up a
sales station and it would only be allowed to our Website. I am using
a simple NetGear wireless router (current version). I can see where
you can block certain sites or keywords, but nothing that would be
reverse of that. Computer is XP Pro SP2.

Thanks!!
Click to expand...

You may be able to go directly to the machine and do it using IPsec.

http://www.petri.co.il/block_web_browsing_with_ipsec.htm

You'll have to play around and see what you can and cannot do.

http://www.analogx.com/contents/articles/ipsec.htm

Duane :)
 
I think I figured it out. If I create a hosts file with only that domain
and IP address and assign a static IP with no DNS, that should block all
network traffic except the site I want. What do you think?
 
Karl Burrows said:
Is there a way to setup something like and ACL (Access Control List) to
allow a computer in a network to only be allowed access to one Website only.
No other computers, no email, etc. I am setting up a sales station and it
would only be allowed to our Website. I am using a simple NetGear wireless
router (current version). I can see where you can block certain sites or
keywords, but nothing that would be reverse of that. Computer is XP Pro
SP2.

Thanks!!
Click to expand...

If you use the firewall in the Netgear router you can set a rule to
allow http and/or https to a specific IP address (your website) and
disallow everything else. You might want to allow a couple of others -
MS updates/AV updates etc.

The downside of this is that if your website has links to other
websites you need to include these as well or they won't work.

Brian
 
USING IPCOP VER 2.0 FIREWALL AND COPFILTER AND COPPLUS

Cop plus will do this

Services -> Content Filter -> Blacklist Edit -> Left column, scroll down to blanket block change to **

Save and restart dansguardian

Back

Greylist Edit -> Left column, scroll down to bottom and and specific sites, example youtube.com (dont add www)

Save and restart dansguardian.

Enjoy.
 
Back
Top