How to Block a Website with the Hosts File (2026)
Block any website system-wide using the hosts file. Redirect domains to 0.0.0.0 or 127.0.0.1 on Windows, Mac and Linux. Unblock mistakes and avoid pitfalls.
Locahl Team
Table of Contents
- How hosts file blocking works
- 0.0.0.0 vs 127.0.0.1 β which to use?
- Step-by-step: block a website
- Windows
- macOS
- Linux / Ubuntu
- Block multiple websites
- Manual list
- Import a blocklist
- Important: block both www and non-www
- Unblock a website
- Verify blocking works
- ping test
- Browser test
- nslookup
- Limitations of hosts file blocking
- No wildcards
- Modern apps use many domains
- DNS-over-HTTPS bypass
- VPN and custom DNS
- Mobile apps on the same machine
- Does not block other devices
- Blocking vs redirecting
- Performance with large blocklists
- Best practices
- Example: focus mode blocklist
- Blocking streaming and social platforms
- Legal and workplace considerations
- GUI management with Locahl
- Related guides
The hosts file is one of the simplest ways to block a website on your entire computer β not just in one browser, but in every application that uses the system DNS resolver. Redirect a domain to 0.0.0.0 and requests fail before they leave your machine. No extension required. No subscription.
This guide shows how to block any website on Windows, Mac, and Linux β plus how to unblock mistakes, block multiple domains efficiently, and understand the limitations.
See also: Main editing guide Β· Block ads with the hosts file
How hosts file blocking works
When your computer tries to connect to facebook.com, it first checks the hosts file. If the file contains:
0.0.0.0 facebook.comThe OS resolves facebook.com to 0.0.0.0 β a non-routable address. The connection fails immediately. The request never reaches Facebook's servers or any DNS server.
This is system-wide blocking β it affects:
- All browsers (Chrome, Firefox, Safari, Edge)
- Desktop applications
- Command-line tools (
curl,wget) - Many Electron apps
It does not affect:
- Apps using hardcoded IP addresses
- Apps using DNS-over-HTTPS that bypass local resolution
- Other devices on your network (blocking is local to one machine)
0.0.0.0 vs 127.0.0.1 β which to use?
| Address | Behavior | Recommended? |
|---|---|---|
0.0.0.0 | Invalid route β instant failure | Yes β preferred |
127.0.0.1 | Routes to localhost β may cause delay | Works, but slower |
:: (IPv6) | IPv6 invalid/null route | Use for IPv6-enabled apps |
Use `0.0.0.0` for blocking. It is the standard in ad-blocking lists like Steven Black's hosts file.
For IPv6-capable applications, also add:
:: facebook.comStep-by-step: block a website
Windows
1. Open Notepad as administrator (see Windows guide) 2. Open C:\Windows\System32\drivers\etc\hosts 3. Add at the bottom:
# Block Facebook β added 2026-06-11
0.0.0.0 facebook.com
0.0.0.0 www.facebook.com
0.0.0.0 m.facebook.com
0.0.0.0 web.facebook.com4. Save (Ctrl+S) 5. Flush DNS:
ipconfig /flushdnsmacOS
sudo nano /etc/hostsAdd blocking entries, save (Ctrl+O, Enter, Ctrl+X), then:
sudo dscacheutil -flushcache && sudo killall -HUP mDNSResponderSee Mac guide.
Linux / Ubuntu
sudo nano /etc/hostsAdd entries, save, then:
sudo resolvectl flush-cachesSee Linux guide Β· Ubuntu guide
Block multiple websites
Manual list
# === Productivity blocks ===
0.0.0.0 twitter.com
0.0.0.0 www.twitter.com
0.0.0.0 x.com
0.0.0.0 www.x.com
0.0.0.0 reddit.com
0.0.0.0 www.reddit.com
0.0.0.0 old.reddit.com
0.0.0.0 instagram.com
0.0.0.0 www.instagram.comImport a blocklist
Popular curated lists contain thousands of ad and tracker domains:
Steven Black's unified hosts file:
# macOS/Linux β back up first!
sudo cp /etc/hosts /etc/hosts.backup
curl -s https://raw.githubusercontent.com/StevenBlack/hosts/master/hosts | sudo tee /etc/hostsWindows (PowerShell as admin):
Copy-Item C:\Windows\System32\drivers\etc\hosts C:\Windows\System32\drivers\etc\hosts.backup
Invoke-WebRequest -Uri "https://raw.githubusercontent.com/StevenBlack/hosts/master/hosts" -OutFile C:\Windows\System32\drivers\etc\hosts
ipconfig /flushdnsFor ad-specific blocking see Block ads with the hosts file.
Important: block both www and non-www
A common mistake β blocking only facebook.com but not www.facebook.com:
# Incomplete β www.facebook.com still works!
0.0.0.0 facebook.com
# Complete
0.0.0.0 facebook.com
0.0.0.0 www.facebook.comAlways block both variants. Some sites also use m., mobile., or api. subdomains.
Unblock a website
1. Open the hosts file as administrator 2. Find the blocking lines 3. Either delete them or comment out with #:
# 0.0.0.0 facebook.com
# 0.0.0.0 www.facebook.com4. Save and flush DNS cache
Verify blocking works
ping test
ping facebook.comExpected on blocked domain:
PING facebook.com (0.0.0.0): ...Or "Request timed out" / "Destination host unreachable."
Browser test
Navigate to the blocked site β you should see:
- "This site can't be reached" (Chrome)
- "Unable to connect" (Firefox)
- "Safari Can't Connect to the Server" (Safari)
nslookup
nslookup facebook.comShould return 0.0.0.0 or 127.0.0.1.
Limitations of hosts file blocking
No wildcards
You cannot write:
0.0.0.0 *.facebook.com # DOES NOT WORKEach subdomain needs its own line. For wildcard blocking, use dnsmasq or Pi-hole.
Modern apps use many domains
YouTube, Netflix, and Spotify use dozens of CDN domains. Blocking the main domain often breaks functionality incompletely rather than blocking cleanly.
DNS-over-HTTPS bypass
Browsers with Secure DNS enabled may bypass the hosts file for some lookups:
- Chrome: Settings β Privacy β Security β Use secure DNS β Off (for testing)
- Firefox: Settings β Privacy β DNS over HTTPS β Off
VPN and custom DNS
If your system uses a VPN or custom DNS (1.1.1.1, 8.8.8.8) configured to bypass local resolution, hosts file blocking may not apply to all traffic. Test with ping first.
Mobile apps on the same machine
Most desktop apps respect the hosts file. Some sandboxed apps (macOS App Store apps with network entitlements) may behave differently.
Does not block other devices
Hosts file blocking is per machine. Your phone and tablet are unaffected. For network-wide blocking, use router-level DNS filtering or Pi-hole.
Blocking vs redirecting
Blocking (0.0.0.0) makes the site unreachable. Redirecting sends the domain to a different IP:
# Redirect old-site.com to new server for testing
203.0.113.50 old-site.comThis is not blocking β it is routing. Useful for staging tests. See main guide.
Performance with large blocklists
Blocklists with 100,000+ entries:
- Slightly increase file read time at boot (negligible on modern hardware)
- May slow DNS lookup by microseconds per query
- Can occasionally cause false positives (blocking legitimate CDN domains)
Start with a small manual list. Add curated lists incrementally. Keep a backup.
Best practices
- Comment every block with reason and date
- Back up before importing lists β
sudo cp /etc/hosts /etc/hosts.backup - Block www AND non-www versions
- Test after blocking β verify the site fails AND critical services still work
- Review blocklists β Steven Black's list is maintained but may block domains you need
- Use 0.0.0.0 not 127.0.0.1
- Flush DNS after every change
- Remove blocks when no longer needed β stale blocks cause confusing failures months later
Example: focus mode blocklist
# === Focus mode β weekdays only (manual toggle) ===
# Created: 2026-06-11
0.0.0.0 twitter.com
0.0.0.0 www.twitter.com
0.0.0.0 x.com
0.0.0.0 www.x.com
0.0.0.0 reddit.com
0.0.0.0 www.reddit.com
0.0.0.0 old.reddit.com
0.0.0.0 news.ycombinator.com
0.0.0.0 instagram.com
0.0.0.0 www.instagram.comToggle focus mode by commenting/uncommenting the block and flushing DNS.
Blocking streaming and social platforms
Some platforms require blocking multiple related domains for effective blocking:
# Netflix (partial β CDN domains also needed)
0.0.0.0 netflix.com
0.0.0.0 www.netflix.com
# TikTok
0.0.0.0 tiktok.com
0.0.0.0 www.tiktok.com
0.0.0.0 tiktokv.comComplete blocking of streaming services is difficult because video delivery uses many dynamically named CDN endpoints. Hosts file blocking works best for simple websites with few domains β news sites, forums, and social networks with predictable hostname patterns.
Legal and workplace considerations
Blocking websites on a work machine may violate employer acceptable use policies if it interferes with work-related access. Blocking on a shared family computer affects all users β communicate before deploying large blocklists. The hosts file is a local tool, not network surveillance; it does not log or report blocked attempts.
GUI management with Locahl
Managing hundreds of blocking entries manually is tedious. Locahl lets you enable/disable individual entries without deleting them β useful for toggling focus blocks. Automatic backup and DNS flush included.
Related guides
- Edit host file β all platforms
- Block ads (large lists)
- Windows editing
- Mac editing
- Linux editing
- Syntax reference
- Is editing safe?
- Complete reference
---
*Last tested: Windows 11 24H2, macOS 15, Ubuntu 24.04 β June 2026.*
Ready to simplify your workflow?
Stop wasting time with the terminal. Locahl lets you manage your hosts file in a few clicks, with automatic validation and no risk of errors.
- Intuitive visual interface
- Automatic DNS flush
- Multi-environment management
- Automatic backups
- JSON Import/Export
Reader Reviews
"Blocked distracting sites across all apps, not just the browser. The 0.0.0.0 vs 127.0.0.1 explanation was exactly what I needed."
June 3, 2026
"Simple and effective. Used this to block social media during exam prep β works in Chrome, Safari, and even Slack embeds."
June 6, 2026
"Great guide. Wish I had known about blocking both www and non-www versions earlier β missed that at first."
June 10, 2026
Frequently Asked Questions
How do I block a website using the hosts file?
Add a line redirecting the domain to 0.0.0.0 or 127.0.0.1 β for example: 0.0.0.0 facebook.com. Save as administrator and flush DNS cache.
Should I use 0.0.0.0 or 127.0.0.1 to block websites?
Use 0.0.0.0 β it fails instantly without attempting a connection. 127.0.0.1 works but may cause a brief delay as the system tries to connect to localhost.
Does blocking work in all browsers?
Yes β hosts file blocking is system-wide. It affects all browsers and most applications. Some apps with hardcoded DNS or DoH may bypass it.
Can I block YouTube with the hosts file?
Partially. You must block multiple domains (youtube.com, www.youtube.com, m.youtube.com, googlevideo.com, ytimg.com). YouTube uses many CDN domains, making complete blocking difficult.
How do I unblock a site I blocked by mistake?
Find the line in your hosts file, delete it or comment it out with #, save, and flush DNS cache.
Can I use wildcards to block all subdomains?
No. The hosts file does not support wildcards like *.facebook.com. Each subdomain must be listed on its own line.
Is hosts file blocking better than browser extensions?
Different strengths. Hosts file blocks system-wide (all apps). Extensions offer easier management and filter lists. Many people use both.
Related Articles
How to Edit the Host File on Windows, Mac and Linux (2026)
Edit the host file on Windows, macOS and Linux: file location, admin rights, syntax, DNS flush, and troubleshooting when changes do not apply.
Locahl Team
How to Edit the Hosts File on Windows 10 (2026)
Edit the Windows 10 hosts file step by step: Notepad as administrator, file location, UAC, save errors, DNS flush, and troubleshooting access denied.
Locahl Team
How to Edit the Hosts File on Windows 11 (2026)
Three methods to edit the Windows 11 hosts file: Notepad as admin, PowerShell, and VS Code. Includes UAC tips, DNS flush, and troubleshooting for 24H2.
Locahl Team
How to Edit the Hosts File on Linux (2026)
Edit /etc/hosts on Linux with nano or vim: permissions, syntax, DNS flush on systemd and legacy systems, and troubleshooting for developers.
Locahl Team
How to Edit the Hosts File on Ubuntu (2026)
Edit /etc/hosts on Ubuntu 24.04 with nano, understand systemd-resolved interaction, flush DNS cache, and fix entries that systemd-resolved ignores.
Locahl Team