A HOSTS file is used to manually force map a hostname to an IP address without relying on a DNS service. The HOSTS file is found on every operating system and for Windows, it is located at Windows\System32\drivers\etc\ folder, just with the filename as HOSTS without an extension. By default the HOSTS file doesn’t contain any mappings and most computer users don’t even need to touch the file. The below image is how the default Windows HOSTS file looks like.
However, web developers who are developing websites locally from their computer may find it useful because they can download the whole website’s code to their computer, map the domain name to their computer’s IP address and immediately start editing without worrying about the absolute URLs. Another common usage of HOSTS file is to block websites including advertisements and web trackings by mapping it to a localhost which is 127.0.0.1 or to a non-routable 0.0.0.0 IP address. Other than using the HOSTS file for good purposes, some malware uses it to block the infected computers from accessing security based websites.
There are times when you need to check the HOSTS file, for example when you suddenly find a website inaccessible from a particular computer while it loads perfectly fine on others. Here is how to view and edit the HOSTS file in Windows.
If you want to block the computer from accessing Facebook, simply create a new line in the HOSTS file with the following mapping:
Do take note that blocking just facebook.com using the HOSTS file does not block www.facebook.com. Depending on the website, Facebook automatically redirects the non-WWW version to the WWW, while Twitter does the opposite by redirecting the WWW to the non-WWW version of the domain name. You can see the video demo on the effectiveness in blocking Facebook using the HOSTS file in Windows 7.
Because of the effectiveness in using the HOSTS file to block out unwanted websites, some anti spyware program such as Spybot immunizes your system by adding more than 15,000 entries to your HOSTS file. The Spybot immunization database is quite old and was last updated more than a year ago. The better alternatives that we recommend are HOSTS file maintained by MVPS with over 16,000 entries and hpHosts with over 180,000 entries.
To install the HOSTS file by MVPS, download the ZIP file, extract, right click at mvps.bat file and select Run as administrator. As for hpHosts, it is much easier because it comes with an installer that can even automatically disable the Windows DNS Client service by checking an option.
We have previously mentioned that malware also uses this method to prevent you from accessing certain websites that can potentially help to remove the malware by either redirecting you to another website or simply block the website. One way to determine if the blocked website you’re trying to access is listed in the HOSTS file is by using the PING command. First you need to ping the blocked website from your computer using command prompt.
1. Press the WIN key on your keyboard, type cmd and press ENTER.
2. Type ping www.facebook.com (you can replace the www.facebook.com with the address that you want to test) and press Enter. Take note of the resolved IP address that I have circled in yellow.
3. Then go to Pingdom Tools, enter the website in the box and click the Test Now button. Take note of the IP address and compare it with the one that you got from your computer. If both of the IP addresses are different, or listed as 127.0.0.1 or 0.0.0.0 from your computer, then it is very likely that the website is blocked using the HOSTS file.
Fortunately resetting the HOSTS file to default is really easy. You can either open the HOSTS file with Notepad as shown earlier, deleting everything inside and save it, or you can just download, run the Fix it 50267 tool created by Microsoft and follow the on-screen instructions.
Final Note: Having an updated HOSTS file is really useful to block unnecessary websites such as advertisements, trackers, parasites and etc but huge HOSTS file can be problematic. First of all you may notice performance degradation where it takes longer to boot in to Windows and also any application that uses the Internet also seems to hang for a while during startup. The bigger problem would be your Internet connection stops working and the only way to fix the problem is to disable the DNS Client service. When the DNS Client service is disabled, the HOSTS file will be read repeatedly whenever an application makes a DNS lookup.