It's called the hosts file, and it's a powerful little text file that can really remind you who's in control of your system. That would be you of course.
It's called the hosts file, and it's a powerful little text file that can really remind you who's in control of your system. That would be you of course.
What is the Hosts File Really?
Good question, glad you asked. In Geek speak, the hosts file is....
In English, the hosts file is a directory your computer consults to turn web addresses (among other things) into the numbers required to contact a web site.
Maybe this excerpt from "
Drew's Life" (
season 1, episode 6: "I am Mo'cutest of MORG") will be enlightening:
It’s the third Friday of the month and "The Crew" is over at Captain Drew's for the monthly Star Trek TOS marathon. "The Crew" has just gotten into the Cats Paw episode (season 2, #30), when they realize there is trouble....
Commander Manta Enters the room via front door.
Commander Manta: "Hey Guys, how's it going?"
Admiral Cappy: "You bring the grub?"
Commander Manta: "Heck yeah, I've got a fresh lentil loaf and a bag of my wife's veggie chips."
Ensign Yuri (standing up and looking terrified): "Dear God Man! What have you done?!"
Captain Drew: "RED ALERT, RED ALERT, Battle Stations!! Manta has fubared the food replicator!"
Commander Manta: "Uh yeah....that's a microwave, and I haven't even touched it - no need, the loaf is still warm."
Captain Drew: "Yuri, toss me that communicator - quickly," catching the cell phone, "Hello? Pizza Ship? - come-in Pizza Ship. This is Captain Drew at 1701D Hardware Drive....we request...immediate...assistance. Replicators....down. No shields. We...must...have ...sustenance. Please comply" -dramatic pause -
"Hey, it's not dialing." - dramatic sound effect #14 -
Science Officer Paul: "Oh yeah....it's the new one. We're still reviewing it. Haven't gotten to entering voice or speed dial yet, but is got killer ringtones."
Ensign Yuri: "Captain, We'll have to use a hosts file."
Captain Drew: "What is this hosts file you speak of?
Ensign Yuri: "You know, the yellow manual that relates names and dialing sequences"
Science Officer Paul: "Yes, on the home world, it’s called a phone book."
....
Ah, one of our favorite episodes. Anyway, as you might have gathered (from the reverse analogy), the hosts file is like a phone book. That's right, your system has a phone book. Big deal you say?
Big deal indeed...
Human beings are great with words and phrases, electronic devices are not - they prefer numbers. This is why we use phone numbers on a phone. A computer looking for a web site is very similar to a phone; it requires a number to connect. These numbers are called internet protocol (IP) addresses. When you type in a URL or domain name, like Hardwarelogic.com, into your browser, your computer doesn’t know what the IP address is. Just as you might do to find a phone number, your computer dials for information or 411. To do this, your computer hooks to a domain name service (DNS), a kind of global phone book, and gets the IP number for the site you are looking for. This is all pretty similar to a phone system.
However, before your system goes to a DNS server, it consults the local phone book on your machine –
aka the hosts file. This, friends, gives you power. The power to block sites, the power to redirect sites, the power to stay online even when your internet service’s DNS system is down, the power to lock a computer down so it only visits the sites you allow it to, the power to block selected content and pop-ups and the power to RULE THE WORLD (or at least your own tiny piece of it).
Sound like fun? Well nit is, and we are going to show you how manipulate your hosts file to do some of these things. Don’t worry, you don’t need to be a programmer to do this. You just need a text editor, an internet connection, and a bit of time. Oh, and if you have worries about “messing up your computer” – quell them –
we've got you covered Commander.
Where it’s at
All modern mainstream OS’s have a hosts file, even Vista. These instructions are for Windows XP SP2 (Professional), but they will generally work for other versions of Windows, OSX and Linux. You may find that locations of the file and formats are slightly different, but you can always visit our forums for quick help.
For Windows XP, the host file is located at:
C:->WINDOWS->system32->drivers->etc->hostsThe file is (as above) called “hosts,” with no extension. Let’s show you what it looks like…
Do not be intimidated. The file may look complicated, but that’s only because of the comments in the header. This file has only one entry (one that should always be there), “127.0.0.1 localhost”. If you have more than say, four entries, or some of them look suspicious, drop by our forums at HardwareLogic.com. It’s rare, but some mal-ware uses the hosts file and there are a few third party utilities that use it as well.
Now that you know what and where it is, let’s get to the “How To”….
Some Pre-Op
Before we start changing this file, we need to do two things. First, copy the file and rename the copy “hostsold” (or some such). It’s good to have a backup. Although many OS’s will work just fine without a hosts file at all – why risk it? Second, a note about notepad, when you go to save something in notepad (which we will be doing), it tends to save “.txt” as an extension. This won’t work for us – the file must have no extension. The easiest way to accomplish this is to put the filename in quotes (as we have done above).
And We Begin…
Blocking Individual Sites.
Whether is for protection, prankstering (we just verbed a noun), or parenting, you may find the need to block an individual website from time to time. We are going to use the following scenario using Myspace.com as the target (because hey, everyone picks on them).
For some reason, your friends like to come over and use your computer to visit MySpace.com. You of course would rather your friends visit you. After all, it is your house. So, you open up the hosts file and get ready to block MySpace.com.
To do this, you need the URL (which is, ironically, Myspace.com). You open the host file and place a new entry:
The space between the IP and the URL can simply be a "space" or a "tab" - but something must be there. The IP address we use here is valid but not viable. It actually causes a loopback. You don’t need to know about that really, the end result is that your computer won’t connect to myspace.com.
See...
Still, seeing a connection error isn’t very entertaining – and might not get the point across to your friends. They might just think the site is down or you can't configure a wireless connection properly. Can't have that can we? Wouldn't it be neat if when they tried to go to MySpace the browser went someplace else?
Oh yes, yes it would...
Lets say you decided instead of just blocking MySpace.com, you want the computer to redirect to another site. For this example, we will use The Google. You should feel free to use some more imagination. This task is a bit more complicated, but doable. You will need to find out the IP address of the site you want to end up at – in this case Google.com. On a Windows machine, you can open a command line window and type “ping [domain name]” to get an IP address. Alternatively, you can visit a lookup site like
http://www.arin.net/index.shtml. Google’s IP address turns out to be 66.102.7.147. Now all we need to do is add the entry “66.102.7.147 myspace.com” to the host file and save the file. If you are following along, you may need to clear your browser cache and cookies to see the effects.
Nice eh? Notice we added and entry with "www" just in case someone tries that as well. Given the time and gumption, you could really mess up the entire internet!
But wait, there’s more...
Kiosk Mode
It is possible to use the hosts file along with a configuration to lockdown a computer’s web access to approved sites only. This is “kiosk” mode. You can think of it as “the list” at an exclusive club. Not on the list? Not gonna happen. Even the Manta's Press Pass won't make it so. Yet, it
is your computer - shouldn't it be pretty exclusive?
WARNING: Unlike redirection and blocking, we are delving into the realm of system hacker here. We’ll give you all the info you need for XP Pro, but if you don’t take notes about your system configuration, when it comes time to reverse what we do here (assuming you will one day want to), you may find yourself on the phone with your ISP.
Our forums are always available to you – but if you can’t get to them because you reconfigured your system, don’t blame us.
The Concept:
You might find you want to limit folks to only a few sites because you are creating a presentation machine and you want folks to stick to the presentation. Or, maybe you have very young children you want to limit to a few sites. In some business applications, it might be advantageous to limit systems to a proxy server. Whatever the case, hang on – here’s how its done….
Basically, what we want to do first is come up with a list of sites and IP address we want to allow. We then enter them (as we did before) into the hosts file, but this time, the IP addresses will actually match the URLs or domain names. Then we will disable the system from contacting the DNS servers – forcing the system to rely on the hosts file alone. The end effect is that if an entry is not in the hosts file, the system cannot connect to the site.
For this example, we will assume that the only place we want to allow is Google. It’s a silly example because even though it will allow us to do Google searches; anything we click on in the results will go no place. Yet, it is just an example. You may find you can apply it to a specific site or set of sites. Of note, this will allow you to visit pagers on the particular sever. The hosts file cannot be used to block sub-folders. Also, keep in mind these instructions are XP specific. If you are using another OS, hit the
Hardware Logic Forums for further info.
Once you have your sites entered into the file, save it, clear your browser cache and cookies, and test to see that it’s working. If you can visit the sites in your host file, it should be working.
Cutting the cord:
Now it’s time to kill DNS services. Get a note pad and a pencil (yes we mean it) and go to;
Start -> Control Panel -> Network Connections
Right-click on the connection you use and select “properties” (HINT: If you don’t know which connection it is, you can disable them, via a right click, one at a time, and check your connectivity – don’t forget to re-enable). After selecting “properties”, a window will open. Under the “General” tab, highlight “Internet Protocol [TCP/IP]” and click on the “Properties” button. Under the “General” tab of this window, you will see some settings for obtaining addresses. Here is where you will have to take notes. Maybe even a screen shot (shift+print screen, and paste it into something like Word). This is what you will want to change back if you change your mind. In our case, we’re lucky and our settings are all automatic so there are no IP addresses to write down – you may not be so blessed. Either way, copy down the information or take a screen shot and save it some place safe (setting a restore point isn’t a bad idea either).
With all your relevant info gathered, its time to cut the cord...
Now that you have the original settings saved or copied down, all you have to do is select “Use the following DNS server addresses:” and enter 1.0.0.0 into the top field and 2.0.0.0 into the other. Once that’s done, click the “Advanced” button and select the “DNS” tab at top of the new window. If you happen to have entries under “DNS Server addresses in order of use”, that are different than the ones you entered, you will want to copy them all down (or take a screenshot), and then remove them. Click “OK” to close all the windows, and you are done!
To test it out, just clear your browser cookies and cache and surf to someplace in your host file – then try to go someplace else.
You now have the control over where your system will and won’t go online.
But wait! Act now and we’ll throw in dooms day connectivity and ad-blocking!
It almost never happens, but what if the DNS servers you use went down? Your computer would be stuck with only what is in your hosts file. Can you think of any sites you might want to contact in such a catastrophe? Put them in your host file with proper IP’s and disabled DNS servers won’t stop you. Consider it part of your Y2K-07 kit (you have one right? You didn’t think the date was exact right? It could happen anytime. Always have fresh batteries and tinfoil hats at the ready - that's our motto!)
Using what we’ve done above, you can also block ads and pop-ups. You simply need to get the URL of the site serving them up. Here, your browser and your mouse can be your friend. Right click on the offending ad and select “view info” or “properties” or whatever is most similar. A window should open and give you the URL. But, please care and beware…
Just because you can do something doesn’t mean you should. Many sites use advertisements to stay in operation. Servers and staff are not free ya know (well, usually not free). The small amount of revenue they receive from a few well placed and audience targeted ads keeps them free to users and online. By blocking them, you are likely in violation of the site’s terms of service and you are sapping them of novel income used to keep functioning. Of course, we understand that untargeted advertising content can be intrusive and in fact, offensive at times. None of us are fans of “pop-up” ads either. You have the power – you make the call. We only ask you make a moral and fair one. And, if you find that you need to block ads for some reason, you might want to take a minimalist approach – the host file isn’t perfect..
The Devil is in the Detail
Truth is, hosts files with large numbers of entries can really slow down your web-surfing experience and in rare cases cause instability. Further, attempting to block all advertising sites with a hosts file is simply futile. If you find you are doing something that requires more than a couple dozen entries, you should consider a third party utility. Something else to keep in mind is that the file cannot be used to redirect IP addresses. In other words, you can block a site, but if someone types the IP address into a browser address bar, the connection will be made. In Windows XP, the file requires admin privys to modify, so anyone with them can change the file back. Further, in older versions of Windows, the file can be modified by anyone. Chances are, a visitor to you computer won’t think of it - but its good to know.
And speaking of "knowing", that's really the point of this. We often depend on someone else or some utility to do our bidding. It's a great system - one shouldn't need to be an engineer to operate of computer. On the other hand, some Kiosk software cost $400+. It's good to know you have alternatives.
Happy Hosting!
