Douglas Crawford

Douglas Crawford

February 12, 2016

The hosts file is a plain text file called hosts.txt that maps hostnames to IP addresses.

The Domain Name System (DNS) is a remote database used to translate the easy-to-understand and remember web addresses (URLs) that we are familiar with, to their ‘true’ numerical IP addresses that computers can understand: for example translating the domain name www.bestvpn.com to its IP address of 198.41.187.186.

In most operating systems the host file is resolved in preference to DNS requests, so if the hosts file resolves the hostname, the request never leaves your computer. This means the hosts file can be edited to block the domain names of ad servers, banners, third party cookies, and assorted other malware, adware and spyware.

For example, adding the entry “0.0.0.0 ad.doubleclick.net” to the hosts file will block all ads served by that DoubleClick server to any web page you visit.

0.0.0.0 is “a non-routable meta-address used to designate an invalid, unknown or non-applicable target.” An alternative address often used is 127.0.0.1, which is the localhost address, but 0.0.0.0 is preferred as it is faster (does not wait for a timeout) and it does not interfere if a local web server is running.

How to edit your hosts file Windows

  1. Search for Notepad, right-click, and Run as administrator.

Hosts 1

  1. File -> Open > c:\windows\system32\drivers\etc\hosts. Under the last # enter:

0.0.0.0 [domain name]      e.g. 0.0.0.0 google.com

Multiple hosts can entered, with each one on a new line.

Hosts 2

  1. Edit -> Save.

Note that editing the hosts file may cause an alert from your anti-virus program. If so, then “allow” the change. In our example, if you now visit www.google.com you will find the website blocked. To un-block a host, either delete its entry or add a # symbol in front of it.

Instructions for editing the hosts file in Ubuntu and Mac OSX can be found here.

Host lists

A number of websites provide lists of domains belonging to known adware and malware, etc. domains, which can be added to your hosts file.

The best of these that I know of is the StevenBlack’s Amalgamated host file, which “consolidates several reputable hosts files and merges them into a single amalgamated hosts file with duplicates removed.”

It currently contains 27,148 unique entries amalgamated from the following “high quality” sources:

StevenBlack defines a “high quality” source as one that is actively curated, with the bigger the hosts file, the more curation required!

Hosts 3

The actual file in the repository you want is called hosts. To use, simply cut & paste the host entries into your hosts file, then Save.

Hosts file vs. browser – based ad blocker

Those paying attention might notice similarities between blocking content using the Hosts file and the block-lists used by browser-based ad blockers such as AdBlock Plus and uBlock Origin.

Host file pros

  • Domain resolutions take place at a very low level (so are quick)
  • Use no memory or processing power
  • Blocks ads and malware across the entire OS, not just the browser

Host file cons

  • Difficult to enable/disable on a per-site basis
  • Can only block entire domains (not individual elements)
  • Hosts file lists usually updated less often

Ad-blocker pros

  • Easy to enable/disable from with the browser on a per-site basis
  • Higher granularity (page elements, wild cards)

Ad-blocker cons

  • Only blocks elements within the browser
  • High memory and processing demands

Personally, I use both, as I really hate ads!

Tip 1

Editing the hosts file makes a great alternative to using parental control software.

Tip 2

Using a VPN often causes the OS to bypass checking the hosts file. The uBlock Origin browser plugin, however, can be set to use hosts files such as those by Dan Pollock’s  and MVPs.org.

hosts uBlock Origin

Go to the uBlock Origin dashboard -> 3rd party filters (second tab at top) -> Multipurpose (about half way down)

My thanks to reader ihavenoname for sending this tip in.

Douglas Crawford
February 28th, 2018

I am a freelance writer, technology enthusiast, and lover of life who enjoys spinning words and sharing knowledge for a living. You can now follow me on Twitter - @douglasjcrawf.

18 responses to “Use your hosts file to block ads and malware

  1. I used the MVPS HOSTS file (i.e. http://winhelp2002.mvps.org/hosts.htm ) which is apparently the most popular HOSTS file. but instead of loading it on Windows, like is typical, I got it running on my router with Tomato (Toastman) firmware using this script… http://www.linksysinfo.org/index.php?threads/auto-dl-hosts-file-and-install.21378/

    so where as normally someone has to manually update it about once every month or so, as the MVPS HOSTS file typically gets updates about once a month, the router does it completely automatically (as it updates the MVPS HOSTS file once a week) and as a bonus, since it’s running on the router, it will work for ANY device connected to the router (that obtains a IP address automatically from DHCP(which is what the vast majority of people use since it’s easy/automatic)).

    NOTE: you need to have the router for the DNS servers because if you setup a manual IP address on your computer with manual DNS servers it will bypass the hosts file usage on the router. so for those, like me, who have a manual IP address on their primary computer instead of typing in the real DNS server IP address you simply use ‘192.168.1.1’ (or whatever is the IP address of your router) and it will then use the routers HOSTS file. also, it’s pretty easy to confirm whether the HOSTS file is active, be it through the router or manual installation on Windows etc, as you simply load up the command prompt and type ‘ping ad2games.com’ (without the ‘) and press enter and if pings that address then the HOSTS file is not working but if it shows, “Ping request could not find host ad2games.com. Please check the name and try again.” ; then the HOSTS file is working. currently the MVPS HOSTS file contains 12,715 addresses as of it’s most recent update on March 4th 2018. while there may be other HOSTS files online I suspect the MVPS HOSTS is a bit safer as it’s probably less likely to interfere with legitimate websites and still offers decent protection online.

  2. Hello,

    Could you please tell me if writing `0.0.0.0 doubleclick.net` would also block access to ad.doubleclick.net? I would have assumed yes, but some host files (e.g. Adaway’s at https://adaway.org/hosts.txt) has separate entries for both `127.0.0.1 doubleclick.net` and `127.0.0.1 ad-g.doubleclick.net`. Shouldn’t the former make the latter reduntant?

    Thanks.

    1. Hi NoobUser,

      Hmm. I think doubleclick.net and ad-g.doubleclick.net are different servers, and therefore require their own entries. Perhaps more importantly, given that we are just talking about adding another line of text to the Hosts file, I see no real harm in covering all bases. Even if this does create a little redundancy.

Leave a Reply

Your email address will not be published. Required fields are marked *