Nick lazily jumps over the full stack

About

How to block access to a domain when the VPN is turned off

December 20, 2021

I need to be sure that certain domains will not be accessible when I'm not using a VPN. This includes any software on my computer, not only the web browser. That's why I'm saying 'domains' and not 'sites'. Let's call them X-Domains.

My solution is based on this answer. The idea is simple, but not easy if you know what I mean:

  • When VPN is turned on, use the DNS server provided by the VPN service.
  • Use your own DNS server when VPN is not active. Configure this server to block access to the X-Domains.

1. VPN

The coolest way, of course, is to set up your own VPN server. It will be fully private, fast, and cheaper than a paid service. Also, it's interesting.

The key steps:

  • Rent a cheap virtual server (VPS). Here are some examples of monthly prices: $3, €4, $4.
  • Follow this tutorial and install an OpenVPN Server software. There are tutorials for the various Linux versions.
  • The most important thing here is to force your computer to use DNS resolvers provided by the OpenVPN Server. See push "dhcp-option DNS <IP>" settings.
  • Use OpenVPN client on your computer.

2. Local DNS Server

Set up a DNS server on your computer and configure it to block the X-Domains. All you need is dnscrypt-proxy, an open-source software.

The steps below are for Windows, but everything should be pretty much the same for other systems.

  • So, on Windows, install Simple DNSCrypt. This is another open-source tool that adds a graphical user interface to dnscrypt-proxy.
  • Blacklist the X-Domains in Simple DNSCrypt.
  • Make sure that your network connection sends DNS queries via Simple DNSCrypt. Just change the DNS server in your network connection settings to 127.0.0.1. This should work.

Now the network connection will use Simple DNSCrypt as a DNS resolver by default. And when you turn on the VPN, all DNS queries will be sent via the OpenVPN server. This means that without turning on the VPN the X-Domains will not be accessible.

* * *

The information is useful, of course, but this is just an addition to the picture. It's a scene from The Card Counter and shows a park decorated with all kinds of illumination. It looks fantastic in the movie, and I couldn't help but keep it. Just imagine a screensaver based on this picture!

Show the scene: