Windows – How to block internet access to Spotify’s Windows 10 app (on the Windows Store)

firewallnetworkingspotifywindows 10

I want to block Spotify from having internet access. It is the app for Windows 10 downloaded from the Windows Store. The reason for blocking internet access is so that I can listen to music offline on my computer, while my dad listens to music on the Google Home from the same account.

I guess the answer to this question could be general to any Windows Store app. I just don't know where the program is to block it from the Windows Firewall.

There is a similar question on this site here but it is outdated because that is for Windows 7/8.

I know how to specify a rule in Windows Firewall to disable internet access, but was wondering how to do that for a Windows Store app? Specifically, for Spotify. Or if there is any other way, that would be an acceptable response as well.

Best Answer

  1. Open the “Control Panel“
  2. Select “System and Security“
  3. In the Windows Firewall section, select “Allow a program through Windows Firewall“.
  4. Unchecking the box to the left of the application name disallows it from accessing network resources, while checking it allows access.
  5. If the program you wish to block or unblock is not listed, you can click the “Allow another program…” button to add it. Choose the application in the list and select “Add“. If the program is not in this list, use the “Browse…” button to select the program file manually.

Since you said it didn't work here is another option

  1. Open Windows Defender Firewall
  2. Goto "Advanced Settings"
  3. On the left side, click the “Outbound Rules” link
  4. In the far right pane, click “New Rule” to create a new rule for outbound traffic.
  5. In the wizard that pops up, make sure "program" is selected and then click "next"
  6. Select the “This program path” option, and then type (or browse for) the path to the program you want to block.

Important Note before clicking continue! (Source: howtogeek)

When you use the “Browse” command to select an EXE file, Windows defaults to using what are known as environmental variables if the particular path includes a given path portion represented by one of those variables. For example, instead of inserting C:\Users\Steve\, it will swap that portion for the environmental variable %USERPROFILE% .

For some reason, despite the fact that this is the default way it populated the program path field, it will break the firewall rule. If the file you have browsed to is anywhere that uses an environmental variable (like the /User/ path or the /Program Files/ path), you have to manually edit the program path entry to remove the variable and replace it with the correct and full file path. In case that’s a tad confusing let us illustrate with our example program from above.

When we browsed to the EXE file for our Maxthon web browser, Windows plugged in the following program path information for the file, which was located in our Documents folder:

%USERPROFILE%\Documents\MaxthonPortable\App\Maxthon\Bin\Maxthon.exe That file path is understood by Windows, but for some reason is no longer recognized when inserted into a firewall rule. Instead, we need to replace the file path that includes the environmental variable with the full file path. In our case it looks like this:

C:\Users\Jason\Documents\MaxthonPortable\App\Maxthon\Bin\Maxthon.exe It’s possible this is some quirk isolated to the current version of the Windows 10 firewall, and that you can use environmental variables in other versions, but we’d encourage you to just remove the variable and use the full and absolute file path to save yourself a headache today and down the road.

Finally, there’s one small but important thing to keep in mind here. For most applications, the main EXE file is the one you want to block, but there are examples of applications where things are a bit counter-intuitive. Take Minecraft, for example. At first glance it seems like you should block Minecraft.exe , but Minecraft.exe is actually just the launcher file and the actual network connectivity happens through Java. So, if you want to restrict your child from connecting to online Minecraft servers you need to block Javaw.exe and not Minecraft.exe . That’s atypical, though, as most applications can be blocked through the main executable.

At any rate, once you’ve selected your application and confirmed the path, you can finally click that “Next” button. On the “Action” screen of the wizard, select the “Block the connection” option, and then click “Next.”

  1. On the “Profile” screen, you’re asked to select when the rule applies. Here, you have three options:

Domain: The rule applies when a computer is connected to a domain.

Private: The rule applies when a computer is connected to a private network, such as your home or small business network.

Public: The rule applies when a computer is connected to a public network, such as at a coffee shop or hotel.

If you have a laptop that you use at home (a network you’ve defined as private) and at a coffee shop (a network you’ve defined as public) and you want the rule to apply to both places, you need to check both options. If you want the rule only to apply when you’re at the public Wi-Fi spot at the coffee shop, then just check Public. When in doubt, just check them all to block the application across all networks. When you’ve made your selection click “Next”.

  1. The final step is to name your rule. Give it a clear name you’ll recognize later on, then click finish.

All outbound communication from the application in question is now cut off. If you want to further tighten the grip you have on the application you can select the “Inbound Rules” option in right hand navigation panel of the “Windows Firewall with Advanced Security” and repeat the process, step for step, recreating an identical firewall rule that governs inbound traffic for that application too.

Related Question