Block Outgoing HTTP Requests

TL;DR

This guide shows you how to prevent applications on your system from making connections to external websites (outgoing HTTP/HTTPS requests). We’ll cover using a firewall and, for more granular control, modifying application configurations.

1. Using a Firewall (Simple Method)

A firewall is the easiest way to block all outgoing HTTP(S) traffic. This will affect *all* applications trying to connect externally. We’ll use ufw (Uncomplicated Firewall), common on Ubuntu and Debian systems.

1. Check UFW Status: First, see if UFW is enabled.

   sudo ufw status

2. Enable UFW (if disabled): If it’s inactive, enable it.

   sudo ufw enable

3. Block Outgoing HTTP: This blocks all outgoing connections on port 80 (standard HTTP).

   sudo ufw deny out 80

4. Block Outgoing HTTPS: This blocks all outgoing connections on port 443 (standard HTTPS).

   sudo ufw deny out 443

5. Verify Rules: Check the rules to confirm they’ve been added.

   sudo ufw status numbered

Important: Blocking all outgoing HTTP/HTTPS can break many applications. Test carefully!

2. Granular Control with Application Configuration

If you need to allow some applications access while blocking others, modify their configurations directly.

2.1. Web Browsers

1. Proxy Settings: Configure the browser to use a non-existent proxy server.
   • In your browser settings (e.g., Chrome, Firefox), search for “proxy”.
   • Set a dummy proxy address and port (e.g., 127.0.0.1:9999). The browser will fail to connect.

2.2. Command-Line Tools (e.g., curl, wget)

You can often configure these tools to use a proxy as well.

1. Environment Variables: Set the http_proxy and https_proxy environment variables.

   export http_proxy=http://127.0.0.1:9999
   export https_proxy=http://127.0.0.1:9999

2. Configuration Files: Some tools have configuration files where you can set proxy settings permanently. Check the tool’s documentation.

2.3. Python Scripts

If your script uses the requests library, configure it to use a dummy proxy.

import requests
proxies = {
  'http': 'http://127.0.0.1:9999',
  'https': 'http://127.0.0.1:9999'
}
try:
    response = requests.get('https://www.example.com', proxies=proxies, timeout=5)
    print(response.status_code)
except requests.exceptions.RequestException as e:
    print(f'Connection failed: {e}')

3. Advanced Firewall Rules (Specific Applications)

For more targeted blocking, use UFW to block specific applications based on their executable name.

1. Find Executable Name: Determine the exact path and name of the application’s executable.
2. Block Application: Use ufw deny from any app [executable_path]. For example, to block Firefox:

   sudo ufw deny from any app /usr/bin/firefox

3. Verify Rules: Check the rules.

   sudo ufw status numbered

4. Considerations

• DNS Resolution: Blocking HTTP/HTTPS doesn’t necessarily prevent DNS lookups. You might need to block outgoing port 53 (DNS) as well, but this can break name resolution entirely.
• VPNs and Proxies: If a user is using a VPN or proxy, these methods may not be effective.
• Cyber security best practice: Regularly review firewall rules to ensure they are still appropriate.