# How do you Limit access to ONE website only



## WutzLinux (Aug 18, 2012)

I don't know anything about Linux, however I am fairly well versed with the Windows Products. I know this can be done, I just don't know exactly how to do it. Please advise. 

I have a laptop with Win Xp; however I need employees to go to only ONE WEBSITE (where they would fill in customer info; then it would take them to another page or two).

HOW Can I restrict them to only go to just the ONE website? 
_(preferably using Firefox)_

_Here are my thoughts:_


I really don't want to mess with the recently reinstalled XP, in case I can sell it) However, being that XP is out of date and has no support: 
I was thinking of simply locking Bios, and User Access on Laptop so they would have NO ACCESS to originally installed OS on the laptop.
Then using a CD to Boot/Start something like Puppy Linux, or DSL..
But then how would I get them to only be able to go onto the ONE website from there?

Thank You for your Suggestions


----------



## Eddie.Dean.19 (Dec 15, 2011)

Hello wutzlinux

I think the fastest way to go about this is to edit either windows' host file or linux's /etc/resolv.conf file.

At the top of these lists you should put the domain name of the website then a space and it's ip like so:

Example.com 19.19.19.19

Followed by a wildcard and localhost this way nothing else will resolve.

*.* 127.0.0.1

It is important to put the wild card last in the list because it looks up in order listed.


----------



## hal8000 (Dec 23, 2006)

Another way to do this is make entries in /etc/hosts.deny and /etc/hosts.deny

However this is more complex than the elegant solution already suggested by Eddie.


----------



## JMPC (Jan 15, 2011)

What type of hardware firewall do you have at this location. That would be one method of locking things down. Some routers can do the same and a service like OpenDNS may also be able to do something similar.


----------



## WutzLinux (Aug 18, 2012)

Im sorry, I have NO clue as to where or how at this time. Ive got a bad back, and they gave me some meds that effected my memory, thus Im kinda the 8ball here ... Could you please be a bit more specific, or send me to a link that will explain it better? - 
Thank You for the reply though!<smile>


----------



## WutzLinux (Aug 18, 2012)

JMPC said:


> What type of hardware firewall do you have at this location. That would be one method of locking things down. Some routers can do the same and a service like OpenDNS may also be able to do something similar.


Its a Linksys Router. Cant recall the model, its at anoother location. But I think I know where you are going with this. Thanks for the kick to the head and jump starting me! hehe


----------



## WutzLinux (Aug 18, 2012)

Eddie.Dean.19 said:


> Hello wutzlinux
> 
> I think the fastest way to go about this is to edit either windows' host file or linux's /etc/resolv.conf file.
> 
> ...



Can You please be more specific? Thanks. 
Actaully, Id really like to pull the HDs on these laptops, and just have them boot off of CD, if possible, giving me only the one website option. Do you think that would be harder or easier than what you suggested so far? (The reason I ask is because these idiots just are so abusive to the equipment and I really dont want to have to spend money on 3 more anti-virus licences for something that will only be used for about 4 hrs a day, 4-5 days a week. You know what I mean? Please Advise, and thank you very much again!


----------



## JMPC (Jan 15, 2011)

I guess it would be best to start with exactly what it is you're trying to do. It sounds like you have systems that are accessed by end users and that these are not home systems.

The boot disc is a great idea from a virus standpoint since nothing can be saved if the system is run from a boot disc. Keeping the systems confined to one site may be more difficult but some routers/firewalls can do it. OpenDNS is another option to look into.


----------



## WutzLinux (Aug 18, 2012)

JMPC said:


> I guess it would be best to start with exactly what it is you're trying to do. It sounds like you have systems that are accessed by end users and that these are not home systems.
> 
> The boot disc is a great idea from a virus standpoint since nothing can be saved if the system is run from a boot disc. Keeping the systems confined to one site may be more difficult but some routers/firewalls can do it. OpenDNS is another option to look into.



I have a friend who owns a few bars. He has a site that he hast to go to, that basickly does a background check on the people coming in the door. (Its kinda... a rough outfit) So, 
#1) They scan the persons Drivers License into the CCTV system we put in. 
#2) The door security guy has to contact (via the internet) the service he pays for) that does the background check. The Security guy can either type in or slide the card through the swiper (like a credit card swiper) and the persons information comes back. 

So ... What we want, is to restrict the piece of crap laptops we got, to only go to ONE website. (so they wont get email, porn, surf the net, etc ... ) It is done via his own internet connection, & through his own linksys router. The laptops never (should) leave the premises, however, they DO use a wireless connection. If Neccy, we CAN install a network switch and run a cable over to it (about 20 ft) if we would need a piece of hardware to do it) I know there is a simple way to do it, I just cant locate an old friend who did it to his computer at home on his kids a few years back. 

Like I said earlier though. I thought it would be best if we dont use the hard drive, as "his" security guys are usually gorillas, with about the same aptitude as gorillas! and would tend to damage the laptops. Furthermore, I thought with a bootable disk, if something happened, they could just reboot and they were up and running again. No hassles.. you know? 

Ok .. I hope that covers it all for you. Ive banged my head against the wall on this for some time now (had his laptops for about 6 mos!) so I need to find a solution soon for my friend. :banghead:

As you can see, it is not a complicated situation, it just requires a PC to connect to ONE website only. BTW) The reason for the internet connection is because they use Music via the Internet and the CCTV Security System DVR & Cameras can be viewed by the owner to his cell phone or pcs by him via the internet, so that all goes through the router too.


I thank You very much for your time and consideration.


----------



## JMPC (Jan 15, 2011)

I would think a good firewall would allow you to do what you want. Do they have to visit the website or does the software go out to the internet to get the information.

A linux boot CD would solve the issue of the hard drives getting damaged but if the application requires special software to run it may not be compatible with linux.

On the windows side you should be able to restrict web access using parental controls.


----------

