How to block an IP address in Windows

Blocking an IP address in Windows helps cut off unwanted scanning, brute-force attempts, and noisy application traffic before it reaches local services. Firewall-level blocks are useful for quickly denying a known hostile host or isolating traffic during troubleshooting. Unlike name-based restrictions, IP filtering still applies when connections are made directly to an address.

Windows applies firewall rules through the Windows Filtering Platform, and Windows Defender Firewall exposes that control through inbound and outbound rule sets. A rule can match remote addresses (and optionally protocols/ports), then enforce an action such as Block the connection. Creating the rule in Windows Defender Firewall with Advanced Security keeps it manageable and auditable alongside other security rules.

IP blocks work best when the remote address is stable; many cloud services rotate addresses, requiring regular rule updates. Inbound rules stop remote systems from reaching local services, while outbound rules prevent the PC from initiating connections to the blocked address. In managed environments, Group Policy can add or overwrite firewall rules, and blocking the wrong address (such as an admin workstation or VPN egress IP) can break remote administration.

Related: How to block a network port in Windows Firewall
Related: How to access and view Windows Firewall logs

Steps to block an IP address using Windows Defender Firewall:

  1. Open Control Panel.
  2. Select System and Security.
  3. Open Windows Defender Firewall.
  4. Select Advanced settings.

    Shortcut: open Run (Win+R) and run wf.msc.

  5. Select Inbound Rules.
  6. Select New Ruleā€¦ from the Actions pane.
  7. Select Custom and click Next.
  8. Select All programs and click Next.
  9. Select Any for Protocol type and click Next.
  10. Select These IP addresses under Remote IP address.
  11. Click Add under Remote IP address.
  12. Enter the IP address to block and click OK. 
    203.0.113.45

    Blocking a current management IP can immediately break remote access (RDP/WinRM/SMB) until the rule is removed.

  13. Click Next.

    Select This IP address range in the add dialog when blocking multiple addresses.

  14. Select Block the connection and click Next.
  15. Select the profiles to apply and click Next.

    Private typically covers trusted networks, while Public applies to untrusted networks.

  16. Enter a descriptive rule name and click Finish.

    Include the blocked IP and purpose in the name for quick identification.

  17. Confirm the new rule appears in Inbound Rules and is enabled.
  18. Create a matching rule under Outbound Rules when outbound connections to the IP must be blocked.