Web Browsing through Windows Explorer

**Quidam** · November 18th, 2003, 01:46 PM

With Windows Explorer, you can access to the Internet by typing a URL into the Address bar. In a CITRIX (Terminal Services) environment, this allows users to surf the Web who are not authorized to do so.

Is there a way to disable this 'feature' in Windows Explorer without compromising other functions?

Thanks

**rpertusio** · November 18th, 2003, 02:08 PM

This is a difficult one, because there is no real solution (that I am aware of.) Internet Explorer and Windows Explorer are tightly integrated, and cannot be seperated.

You have a few options to workaround it, though:
- Use group policies (or registry hacks) to disable the address bar
- Use a firewall to block the ports

Blocking access to the 'iexplore.exe' file will NOT work (eg. deny access with NTFS permissions). It will not stop web pages from loading from Windows Explorer.

The best solution I know of:
- Put in a dummy 'proxy' address. For instance, configure IE to use a 'localhost' as the proxy server. Web-browsing will not 'work' because the computer is pointing to a dummy proxy that won't take them anywhere.

- rp

**Quidam** · November 18th, 2003, 02:18 PM

Hi rp,

Thanks for the tips.

I'll look into disabling the Address bar, but I'm not sure if I want to take it away from the user.

We use a CISCO firewall, but authorized users need to get out to the Internet. I assume that ports can't be blocked by user.

Since this is a shared application through CITRIX, I don't know if I can add a 'false proxy' to block some users without cutting everyone off.

I'll investigate.