Blocking a network port in Windows is an essential measure for restricting traffic and preventing unwanted connections. Network ports serve as communication gateways, carrying data between processes and external sources. Malicious actors often exploit open ports to gain unauthorized access, making port blocking a vital technique in robust security policies.
The built-in Windows Firewall offers granular control over inbound and outbound traffic, allowing administrators to selectively block specific ports. This functionality is crucial for organizations managing sensitive data or critical infrastructure. Restricting access to unused or vulnerable ports helps minimize the attack surface and prevents unauthorized entry.
Choosing TCP or UDP for blocking depends on the communication requirements of the targeted application or service. Blocking one or both protocols ensures unwanted data exchange is halted, reducing risk exposure. Implementing these measures strengthens overall network defense and provides an added layer of protection against threats.
Steps to block a network port in Windows Firewall:
- Open Control Panel by pressing the Windows key and searching for Control Panel.
- Go to System and Security, then select Windows Defender Firewall.
- Click on Advanced Settings from the left-hand menu.
Advanced Settings opens the Windows Firewall with Advanced Security console, where you can configure rules to block network ports.
- In the Windows Firewall with Advanced Security window, click Inbound Rules on the left side.
- Select New Rule from the right-side menu.
- Choose Port as the rule type and click Next.
- Select either TCP or UDP, depending on the protocol you need to block.
Use TCP for connection-oriented communication and UDP for connectionless communication. Ensure you're blocking the correct protocol based on your application needs.
- Enter the specific port number you want to block in the Specific local ports field.
Example: To block port 80 for HTTP traffic, enter the following: Port: 80
- Click Next, then select Block the connection.
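Blocking the connection drops traffic that matches the rule on the specified port. Because this rule is created under Inbound Rules, it applies to incoming connections; to stop outgoing traffic on the same port, create a matching rule under Outbound Rules.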
- Choose the network profile where the rule should apply: Domain, Private, or Public.
- Name the rule and click Finish.
Use a descriptive name for the rule, such as “Block Port 80” to easily identify it later.
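The same rule can also be created and verified from an elevated PowerShell session. This is an added example, not part of the original article. It uses the built-in NetSecurity and NetTCPIP cmdlets, and the parameter names and default rule name are assumptions chosen for illustration.

```powershell
#Requires -RunAsAdministrator
# Added example: scripted equivalent of the GUI steps above (not from the original article).
param(
    [int]$Port = 80,                                       # port used in the article's example
    [ValidateSet('TCP','UDP')][string]$Protocol = 'TCP',
    [string[]]$NetProfile = @('Domain','Private','Public'),
    [string]$RuleName = "Block $Protocol Port $Port"       # hypothetical naming scheme
)

# Idempotent: create the rule only if none with this display name exists yet.
$rule = Get-NetFirewallRule -DisplayName $RuleName -ErrorAction SilentlyContinue
if (-not $rule) {
    $rule = New-NetFirewallRule -DisplayName $RuleName -Direction Inbound `
        -Protocol $Protocol -LocalPort $Port -Action Block -Profile $NetProfile
}

# Confirm what was actually stored: state, direction, action, profiles and port filter.
$filter = $rule | Get-NetFirewallPortFilter
$rule | Select-Object DisplayName, Enabled, Direction, Action, Profile,
    @{n='Protocol';  e={$filter.Protocol}},
    @{n='LocalPort'; e={$filter.LocalPort}}

# A block rule does nothing on a profile whose firewall is switched off, so check each one.
Get-NetFirewallProfile | Where-Object { $_.Enabled -ne 'True' } | ForEach-Object {
    Write-Warning "Firewall is disabled for the $($_.Name) profile; the rule has no effect there."
}

# Show which local process, if any, is listening on the port that was just blocked.
if ($Protocol -eq 'TCP') {
    Get-NetTCPConnection -LocalPort $Port -State Listen -ErrorAction SilentlyContinue |
        Select-Object LocalAddress, LocalPort, OwningProcess
} else {
    Get-NetUDPEndpoint -LocalPort $Port -ErrorAction SilentlyContinue |
        Select-Object LocalAddress, LocalPort, OwningProcess
}
```

If a listener is reported, the service is still running behind the blocked port; stopping or disabling it, where it is not needed, removes the exposure instead of only filtering it.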

Mohd Shakir Zakaria is a cloud architect with deep roots in software development and open-source advocacy. Certified in AWS, Red Hat, VMware, ITIL, and Linux, he specializes in designing and managing robust cloud and on-premises infrastructures.