How do I block https(SSL) websites?


TS Rookie
I have been trying to block access to proxy sites without success. What I have done works on some but not all.

I've used a program called Internet Lock to block the port 443, but still I can access the proxy site.

I've put the name of the domain in the list of block sites, still it passes.

I tried to find out the IP address of the website, but I can't find it. Don't know if that would even work anyway.

One proxy site in particular seems to bypass all locks.

If anyone knows how to block such sites, without losing access to gmail, yahoo mail, hotmail, it would greatly be appreciated.




TS Rookie
How do I check using nslookup, an example would be great. I had already done the ping in CMD, and it didn't work. The IP address for is If I type the IP address in, it says it is blocked, if I type the domain name of that IP address ( it still accesses it.

Hidemyass isn't an ssl website, and you can also render such sites useless, by putting proxy, proxies into the banned keywords list.

Any help to block the above mentioned site is really welcome. So far nothing is working. It's making all the blocker sofware programs look really pathetic. For with just one website, it becomes utterly useless.


TS Rookie
You don't need other softwares to block websites.
1. open cmd.exe as admin
2. notepad %systemroot%\System32\drivers\etc\hosts
3. add the following:
Code: anywebsiteyouwant_to_block_or_its_ip_address
4. Restart windows


TS Ambassador
While the HOSTS file will work for a few sites, the issue for things like (aka anonymous proxies) is far more difficult.

First, the HOSTS file maps a domain name into the localhost address which rarely has a webserver running on it. That does not block access by ip-address, eg (which is one of several google servers). For illustration, is available on these addresses:
Non-authoritative answer:
Addresses:  2001:4860:4007:800::100e
So, to block a given site you would need to block ALL of it's known server addresses. Your firewall might be useful to block for all ports, but if you have multiple machines on your home LAN, then the block would need to be within the gateway router itself. Blocking all ports also inhibits access to gmail.

Now multiply the number of anonymous proxies on the Internet by the number of ip addresses they own and it is obvious that this is an unworkable solution. Don't forget, new anonymous proxies could be created and/or new ip-addresses of existing ones and you will never be able to keep your block list under control.


TS Ambassador
An alternative approach I have had some success with is a KEYWORD block in the router. On my Netgear router, the website title is scanned for any keyword listed and if found, access is denied. On this router, only a root word needs to be listed and all prefix/suffix variations are found.


TS Rookie
I tried the host file thing. For some reason it worked, but after a restart I just had access again for some stupid reason. I checked the host file, and nothing changed after the restart so it should have worked.

I know what you said is true, but I have managed to block most of the other proxies with another internet blocking program. And for some reason I have succeeding in blocking most of them.

The reason is I am trying to block access to because someone I know is using this most often, and I don't think they are aware of many other proxy sites. Also as I said, most of the other proxy sites are inaccessible. for example didn't load on the machine.


TS Ambassador
After adding an entry to drivers\etc\HOSTS

you must do this to make it effective
  1. ipconfig /flushdns
  2. net stop "dns client"
  3. net start "dns client"
all three must be performed using an ADMIN login


TS Rookie
Thanks for your advice.

I have however found a software that does exactly what I want with great ease, and it is blocking all of the HTTPS websites out there.

Here is what I have decided to use for your consideration:

HT Employee Monitor. You can download it from