0

I want to write a program that can monitor all system HTTP/HTTPS protocols used to open the default browser, and block certain ones, automatically changing certain requested URL into another. The process of changing a URL is simple, but the monitoring and blocking part is quite puzzling.

e.g. When clicking on the URL 'https://example.com/asdf.htm', the request will be blocked by the program and the the Windows system will receive the command of 'http://www.example2.org/asdf.htm' instead and the latter instead of the former URL will be opened by the default browser.

I am an amateur developer and student who do not have much experience in solving such problems.

I searched the web and found someone asked a similar question years ago:

https://superuser.com/questions/554668/block-specific-http-request-from-windows

However, I didn't find any useful advice on coding in the page. Maybe I can use an antivirus program to block certain URLs or change the hosts file to block certain URLs but the URL replacement cannot be done. Certainly, changing the hosts to a certain server which redirects certain requests might work but that's too complex. I wish someone can help me solve the problem by giving a simple method on monitoring the Windows system itself. Thanks!

szw0407
  • 21
  • 5
  • What are you trying to achieve, exactly? Is this like an experiment? A hobby? A task for school? Or for work? I recommend you first learn what "blocking a protocol" means. You don't block "protocols", but you can block access to ports. An antivirus doesn't block them, a firewall does. Please, do extensive due diligence and extensive reading before attempting things like this, don't just copy-paste random things off forums or sites. Also, **do not** edit your hosts file. Normally a user shouldn't even be able to edit it. Ever! (not even on home PCs) – TheNomad Dec 27 '22 at 12:51
  • I recommend you start off with some networking tutorials, first learning about the OSI model (mandatory!!) and then depending on what further info you provide as to what the purpose of this is, you either need a software firewall, a proxy or a hardware firewall. There is no "windows script" that blocks an address (meaning the browser alerts your script, checks it, runs it, then blocks it) which is why you didn't find anything online. – TheNomad Dec 27 '22 at 12:54
  • Well, I wish to make my problem clearer. I know that the system runs 'https://example.com', when, for example, I click on such a link in a document. The click on the link does the same thing as I type the command in the Ctrl+R window. It askes the default browser to open the web page. I hope now the browser won't start, untill the command be changed into, for example 'https://example.org' and then the browser opens the latter URL. I'm not to use a firewall, but automatically do something like a redirect, but not on a server, but in my computer, operating on commands directly. – szw0407 Dec 27 '22 at 13:09
  • OK, I understand, you want a forward or redirect. Is the final target of this "flow" a project for school or a task for work? You say you won't use a SW or HW firewall. So in order to help you, we also need to know the context. – TheNomad Dec 27 '22 at 13:52
  • It's a personal project. When I am away from school, I have to use its WebVPN to access most contents online. The WebVPN is just in fact another URL, like a proxy site. I hope to automatically redirect the origional URL to the WebVPN URL when I'm not at school. That's why I need a program. My IP address can be checked before the redirection, and the redirection happens only when necessary. I'm not sure whether others had done similar work before. Sorry to have bothered you with a poor description of my problem, as English isn't my native language and I'm not fluent in it. – szw0407 Dec 27 '22 at 14:07
  • You can't do it with a script called by the browser. While editing the hosts file *will* do what you want, **I really, REALLY don't recommend it**. I guess you could also try making your own browser extension, but I can't guarantee it will work. I believe (but not 100% sure) that extensions can work with page elements, not to actually control page-flows (but I could be wrong). SW firewalls can't redirect either, just block traffic. A HW firewall might be able to do the job, but they're expensive. – TheNomad Dec 27 '22 at 14:18
  • OK, sounds like you need a proxy server. Keep in mind you need to manually enable or disable proxy handling depending on whether you need forward to WebVPN or not. A proxy server on the other hand will do EXACTLY what you need. But yes, it means you need a different computer. The original issue still remains: regardless of using a hardware firewall (which is a separate equipment and not recommended for home projects as it's expensive) or a proxy server, you need to learn networking basics first. Then start some networking common stuff. Proxies aren't for beginners. – TheNomad Dec 27 '22 at 14:19
  • I, in fact, have another idea but I need to do more experiments first. Tampermonkey scripts might work. I also wonder whether such a proxy server can run on localhost or not. If it were to run on localhost, maybe everything would be easier. I can start the proxy server when the system starts and my IP is not at school. Anyway, thanks for your guidance. – szw0407 Dec 27 '22 at 14:30
  • Tampermonkey is basically an alternative to the other suggestion of using browser extensions. But as I said, I think they'll modify the pages, not the browser. I guess you can try a localhost proxy, since you're not actually monitoring traffic, just redirecting it to WebVPN. OK, I'll summarize it into an answer. Once you succeed please return here and comment on the answer regarding what solution you picked in order to guide others that might want to do what you wanted. And if the solution you picked is a proxy, please mark my answer as Accepted as guidance for others viewing your question. – TheNomad Dec 27 '22 at 16:16

1 Answers1

1

To summarize our conversation in the comments, in order to redirect or restrict traffic, either to sites, either to ports (protocols are actually "mapped" via ports) the main solutions usually are:

  1. a software firewall - keep in mind that SWFW don't usually redirect, they just permit or allow traffic via ports

  2. a hardware firewall (or advanced router, not the commercial ones, but enterprise grade) - they do what you want, but they are very expensive and not worth for a home experiment

  3. a proxy server - this can do what you want

Other alternatives that might or might not work would include editing the hosts file, as you said, but as stated earlier I don't recommend it, it's a system file and if you forget about it, then it can be a hindrance (also keep in mind that normally you should not use a Windows user with admin rights even at home, but that is another story) and a browser extension (which I would guess only changes content on pages, not the way a browser works (such as changing URLs).

I think a proxy server is the best pick here. Try it and let me know.

Keep in mind I still recommend you read about networking in order to get a better idea of what you can and can't do in each setup.

TheNomad
  • 892
  • 5
  • 6