Using a PAC file to restrict access to Websites

If you want to control which websites can be accessed from one or more computers a PAC file solution can be used.

The PAC file is a fairly simple file containing information on which sites can or cant be accessed – depending on what your needs are. This means you can set up a solution where all websites can be accessed except from the ones in your PAC file or you can setup a solution where all websites are blocked except from the ones in the PAC file.

In Internet Explorer you then have to enable the “Use automatic configuration script” under Tools > Internet Options > Connections > LAN Setting and then point to the location of your PAC file. The PAC file can be placed both locally or on a webserver.

Example of a PAC file where only the sites *.google.com, *.facebook.com and *.msn.com can be accessed (Proxy.pac):

function FindProxyForURL(url, host)
 {
// variable strings to return
 var access = "PROXY servername.domain.com:8080";
 var noaccess = "PROXY 127.0.0.1:80";
 if (shExpMatch(host, "*.google.com")) { return access; }
 if (shExpMatch(host, "*.facebook.com")) { return access; }
 if (shExpMatch(host, "*.msn.com")) { return access; }
 // Proxy anything else
 return noaccess;
 }

Example of a PAC file where the above sites are blocked and all other sites can be accessed.

function FindProxyForURL(url, host)
 {
// variable strings to return
 var access = "PROXY servername.domain.com:8080";
 var noaccess = "PROXY 127.0.0.1:80";
 if (shExpMatch(host, "*.google.com")) { return noaccess; }
 if (shExpMatch(host, "*.facebook.com")) { return noaccess; }
 if (shExpMatch(host, "*.msn.com")) { return noaccess; }
 // Proxy anything else
 return access;
 }