How To Turn Chrome or Firefox Into A Single-Site Browser

Martin Brinkmann
Feb 15, 2012
Updated • Apr 9, 2012
Firefox, Firefox add-ons, Google Chrome

A Single-Site browser serves a very specific purpose. You use it to access one, and sometimes a handful, of websites and services on the Internet. This can be financial sites, your email accounts or other sites with personal information like a medical related sites. The basic idea is to block access to all other sites to protect the account and information from certain attack forms like cross site scripting or clickjacking.

All connections are blocked except to those sites that you have explicitly allowed. This means that third party scripts won't be loaded if they originate on a non-whitelisted domain, and that you won't be able to open third party sites manually in the browser.

This guide demonstrates how to turn Firefox and Google Chrome into a single-site browser. Inspiration has been taken from Vasa's post over at the Wilders Security Forum.

Google Chrome

Google Chrome users can make use of the --host-rules parameter to block all domain connections except the ones they whitelist. The general parameter looks like this:

--host-rules="MAP *, EXCLUDE *"

This redirects all connection attempts to localhost, except for connections to the site or one of its subdomains.

You can also add multiple inclusions in the following way:

--host-rules="MAP *, EXCLUDE *","MAP *, EXCLUDE *"

Windows users can add the parameter to Chrome in the following way:

  • Locate a Chrome shortcut in the Start Menu, Taskbar or Desktop
  • Right-click the shortcut and select Properties
  • Append the parameter to the end of the Target listing, with a space in between.
  • Click Ok to apply the settings.

google chrome single-site browser

You could alternatively create a second shortcut to use it for accessing your important sites, and keep the general shortcut for all other sites that you visit in the browser.


Mozilla Firefox users need to install the SimpleBlock extension for their browser first. They then need to create a SimpleBlock.ini file in the user profile folder and add a regular expression to it to allow access to certain sites.

R: https?://(?!(||

This would allow access to the three domains mentioned above, and block all other connection attempts.

It is probably best to create a new user profile for this. You can use an add-on like Switchy or the new Firefox profile manager application.

Closing Words

It is best to create new profiles or shortcuts to work with Single-Site browsers. Security add-ons like NoScript can mitigate the issues if they are configured properly.


Tutorials & Tips

Previous Post: «
Next Post: «


  1. jimg said on May 24, 2023 at 8:59 am

    This doesn’t work.

  2. Jeff said on April 4, 2021 at 2:37 am

    Could this work on Android or iOS devices?

  3. Nick said on January 12, 2021 at 8:40 pm

    No longer applicable?

  4. Anonymous said on November 14, 2017 at 12:53 am

    did not work for me A message pops up each time
    the name is specify box –host-rules=”MAP *, EXCLUDE *, EXCLUDE *”is invalid

    1. Henry pius said on December 9, 2020 at 10:00 am


  5. Petko said on May 7, 2017 at 9:56 pm

    You can add multiple inclusions in the following (shorter) way:

    –host-rules=”MAP *, EXCLUDE *, EXCLUDE *”

    There is no need to retype the “MAP *” part.

  6. Robert said on February 16, 2012 at 10:34 pm

    >This means that third party scripts won’t be loaded if they originate on a non-whitelisted domain

    Or Firefox users could just use the noscript plugin. Much easier interface than SimpleBlock IMHO.

  7. Robert Palmar said on February 15, 2012 at 6:02 pm

    An interesting approach to create a single site browser.

    Personally, I use portable versions of browsers just for this purpose.
    For example, I use SRWare Iron to access Google Voice and only that site.

    1. Martin Brinkmann said on February 15, 2012 at 6:25 pm

      Which would leave you vulnerable if someone managed to post an exploit on that site.

      1. Robert Palmar said on February 15, 2012 at 6:49 pm

        Yes, but what is the likelihood of that?
        And one could protect a portable browser
        in a similar manner if one did feel vulnerable?

      2. Martin Brinkmann said on February 15, 2012 at 6:55 pm

        Yes you are right. The likelihood is slim and you could protect the browser in a similar manner.

Leave a Reply

Check the box to consent to your data being stored in line with the guidelines set out in our privacy policy

We love comments and welcome thoughtful and civilized discussion. Rudeness and personal attacks will not be tolerated. Please stay on-topic.
Please note that your comment may not appear immediately after you post it.