Problem solve Get help with specific problems with your technologies, process and projects.

Blocking downloads via HTTP

How can I prevent users from downloading any files from the Internet through the Windows 2003 domain? Then, how can I choose some of the files and prevent them from opening Internet Explorer and using all of the Internet?

This is one of the more difficult things to restrict and isn't readily done as a function of the Windows 2003 domain. Preventing FTP downloads is relatively straight forward -- simply block TCP destination ports 20 and 21 at your firewall from your internal users. This will prevent them from being able to connect to an FTP server on the Internet. Blocking downloads via HTTP is a little trickier. I recommend implementing content filtering at your Internet gateway to control what users are allowed to do with HTTP. In addition to being able to prevent downloading of files, it allows you to control how your users are able to browse the Internet, what sites they are allowed to visit, when they are allowed to visit. It also allows you to permit exceptions (for example allowing IT to download files). Here are some common content filtering software vendors:


In many cases, you simply create a rule in the above products that contains the URL keyword (*.exe, *.mp3, *.bin, *.avi, etc) that you want to prevent. Good luck!

Dig Deeper on Windows 10 security and management

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.