Host File Editing

June 3, 2010 at 07:35:48
Specs: Windows XP
I edited my host file on my Active Directory (2003) server to redirect a couple of web sites to However, access to these sites is still possible from any computer on the network. I tried restarting the DNS service and that didn't work. I also tried clearing the DNS cache on the DNS server (which is also the AD server) and the IE cache on the workstation I'm testing from.

I don't understand why it isn't working. It's pretty straightforward, I thought.

Anybody have any ideas why this would not work?

Thank you

June 3, 2010 at 08:58:50
It only works on the unit the host file is on. Might want to read up on how the host file works.

You would need to put the same host file on all pcs.

Much better to do content filtering in the router and block those sites that way.

June 3, 2010 at 08:59:48
Host files only apply to the local computer. They are Old School and what was used before they invented DNS. I only use Host files in situations where I can't get DNS, like in VPN networks or tight Firewalls that I have no control over; otherwise they are a bad idea.

That being said I would put in a host record in your DNS Forward Lookup Zone. This way it will update to all of the computers connected to this DNS.

It sounds like you are trying to jail or block specific Web Sites, is this correct? If so, you may want to consider a different way, like a Proxy Server. But this is just an assumption.

June 3, 2010 at 09:32:09
I would not recommend polluting your DNS forward lookup zone with false entries. This is the wrong approach to the issue.

Spyware/spam programs make extensive usage of the hosts file so the hosts file is still a viable and used system.

Host files exist for networks that had no dns server like a home network. It is also much faster than DNS for name resolution since the hosts file is read into memory upon boot up. Name resolution happens locally and never hits the network.

Using hosts appropriately is always a good idea.

June 3, 2010 at 10:06:15
Also keep in mind that if you're using a proxy server to access the internet, the host file entries will not work until the domain names you'd like to block via the host file are entered into the exception list of the internet settings of your browser.
So you have to add this entry to the exception list, e.g. of Internet Explorer's proxy settings:;localhost;

June 3, 2010 at 10:15:20
I appreciate everyone's response. I will look further into all of this. I was really just trying this as a test of sorts because I'm having trouble with the policy in my firewall and I was trying different approaches to see what was working and what was not, with and without the firewall.

Oddly enough, before you guys started responding, I removed the domain name portion of my host file edit and entered the IP address instead. So it read (for example) and at the moment, nobody can get to that site on the network. Again, this was by editing the host file on the AD server where DNS is running, not on the workstation machines.

I don't know if it's working, or if something else is going on... But I appreciate everyone's comments and suggestions.

June 3, 2010 at 11:13:03
That is not a valid host entry so not getting to the site has nothing to do with your hosts file edit.

The hosts file takes the name and translates it to an IP address. This is why works. IP to IP is an invalid entry.

You do understand that even if you were using your server as a router, its local DNS cache has no effect on the PCs' local DNS cache?
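
The rule stated in the post above (a hosts line maps a name to an address, so an IP-to-IP line is not a valid entry) can be checked mechanically. This is an added example, not part of the original thread; the function names and the sample file contents are constructed for illustration, and keeping the first mapping for a repeated name is a choice made here.

```python
import ipaddress

# Constructed sample hosts file (not from the thread).
SAMPLE_HOSTS = """\
# constructed sample
127.0.0.1    localhost
127.0.0.1    blocked.example.com www.blocked.example.com   # two names
127.0.0.1    203.0.113.10
blocked.example.com 127.0.0.1
10.0.0.5
"""

def is_ip(token):
    """True if token parses as an IPv4 or IPv6 address."""
    try:
        ipaddress.ip_address(token)
        return True
    except ValueError:
        return False

def lint_hosts(text):
    """Return (mappings, problems): name -> address, and (line number, reason) pairs."""
    mappings, problems = {}, []
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()   # drop comments and blank lines
        if not line:
            continue
        addr, *names = line.split()
        if not is_ip(addr):
            problems.append((lineno, "first field is not an IP address"))
        elif not names:
            problems.append((lineno, "address with no host name"))
        else:
            for name in names:
                if is_ip(name):
                    # The case discussed in the thread: an address where a name belongs.
                    problems.append((lineno, "IP-to-IP entry: name field is an address"))
                else:
                    mappings.setdefault(name.lower(), addr)  # first mapping kept
    return mappings, problems

if __name__ == "__main__":
    found, issues = lint_hosts(SAMPLE_HOSTS)
    for name, addr in found.items():
        print(f"{name} -> {addr}")
    for lineno, reason in issues:
        print(f"line {lineno}: {reason}")
```

The result describes only the machine whose file is being read; other computers on the network resolve names from their own hosts file and DNS settings.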

June 4, 2010 at 06:01:15

Yes, I understand that. What you said makes sense, everyone else too. It looks like at some point yesterday, I did in fact get my firewall working, although I was not aware of it. I thought the entries I made were what was working, for whatever reason. I have removed all changes I made, and the sites are now still blocked (by the firewall).

I'm not sure now what happened to the firewall and why it wasn't doing its job previously. But it seems to be working now.

I appreciate your help everyone.

