Windows Firewall Control Tips
Windows Firewall Control is a standalone program for Microsoft Windows PCs that extends the functionality of the built-in Windows Firewall and improves manageability significantly.
A free version is provided but you need to donate to the developer to get a lifetime license for the registered version which adds a notification system for outbound connections and an option to create temporary rules.
Check out our Windows Firewall Control review to find out more about the functionality of the application, and our Windows Firewall Control 5 article.
Windows Firewall Control requirements
Windows Firewall Control is compatible with 32-bit and 64-bit versions of Windows 7, Windows 8.1 and Windows 10, and the server versions Server 2012 and Server 2016.
The program requires the Microsoft .Net Framework 4.5 or newer. Windows Firewall needs to be enabled and the same is true for the DNS Client service.
Windows Firewall Control Tips
The Connection Log
You access the connection log with a click on the "View Windows Firewall connections log" icon on the left side of the program's footer toolbar.
A click on refresh list or a tap on F5 on the keyboard loads the last 100 blocked connections on the device sorted in chronological order by default.
You may use it to list blocked or allowed connections, and use filters to customize the output.
The table lists date and time, process ID, name of the program and path on the system, the source and destination address, and more information.
This gives you an overview of the blocked processes on the Windows PC; handy, if you noticed that a program won't connect to the Internet. A right-click on an item displays options to allow or block it, to run verification checks, and to create a custom rule for it.
The verification options give you options to check the file on Virustotal, to run a Whois query (using Who.is), or verify the target IP address (using IP Void).
You may use filters displayed in the sidebar if you get a large number of blocked connections. The filters allow you to change the number of blocked connections the program displays, restrict the data to inbound or outbound connections, use a text filter to list specific programs, ports or IP addresses, or switch the display from blocked to allowed. Note that you do need to refresh the listing after making changes to the available filters.
The connection log gives you an overview of allowed or blocked connections. This is useful for troubleshooting connection issues and to verify connections.
Windows Firewall Rules Panel
The rules panel lists all firewall rules when you open it. Click on the leftmost icon in the application's footer to start it.
Each rule has a colored background that indicates allowed (green) or blocked (red) connections. Rules list application names and paths, and parameters such as local or remote ports, addresses, and the network location.
Here is what you can do on the screen:
- Delete rules with a tap on the Delete key.
- Use the "show invalid rules" option to only list rules that are not valid, e.g. rules for programs that are no longer installed.
- Use the "show duplicate rules" option to show dupes.
- Change the action from allow to block and vice versa.
- Edit rules.
- Open file location or verify file on Virustotal.
- Import or export rules.
Only the registered version supports notifications which list outbound connection attempts. Windows Firewall Control supports three different notification settings:
- Display notifications to prompt users whenever outbound connections are blocked.
- Learning Mode which allows outbound connections for digitally signed programs but displays notifications for unsigned applications.
- Disabled which turns off notifications.
The notifications interface lists additional preferences. You may define programs or folders for which you don't want notifications to be displayed by Windows Firewall Control, and define for how long the notification is displayed. The time limit for temporary rules can be changed in the preferences as well.
Temporary rules are useful if you want to allow or block a connection temporarily. The notification prompt displays the three permanent options as text and the temporary options to the right as icons only. It is easy enough to overlook the temporary options.
While you can left-click to perform the temporary action right away, you can right-click to set a custom period for the temporary rule.
The most recent version of Windows Firewall Control supports three security settings which protect against tampering and may block connections during shut down or boot.
- Secure Boot changes the profile to High Filtering (block anything) at system shutdown and system start until you switch the profile manually.
- Secure Rules protects rules against outside tampering.
- Secure Profile protects the Windows Firewall state against tampering as firewall rule imports and filtering mode changes are only allowed through the application.
A click o tools displays links to native Windows administrative tools like the Event Viewer or Resource Monitor, and options to run various checks using online services.
You may use the tools for the following tasks:
- Check the reputation of an IP using one of three integrated services.
- Scan a file based on its SHA256 hash using one of two different antivirus scanning services.
- Run a whois query using one of four integrated whois services.
- Check port information.
Now You: Did we miss a tip?
>you need to donate to the developer to get a lifetime license
That’s not how donation works.
>Thatâ€™s not how donation works. [Required donation for a lifetime license]
I agree, but at the same time this (users’ reaction to the wording) is relevant of the fact we (consumers) are concerned, if not blinded, by the very way things are presented compared to what, factually and pragmatically, is the reality.
– Free but donation required for a lifetime license.
– Freeware and full version available for a 1 year 20$ renewable license.
The second presentation seems cleaner but the first is far more at our advantage.
That’s what communication aims at : finding the right words to advantage a deal which may not be that valuable for the user/consumer.
So what would be so difficult to define it as:
â€“ Freemium: free for certain features, and a fee is required for premium features and a lifetime license.
That way it is clear with no room for misunderstandings, except perhaps about what features are excluded from the premium version. In any case, that should be listed on the website, which is not the case as far as I have been able to ascertain.
On my land, this is called “buy a license”.
In the past users would focus on an app’s functionalities, its appearance, later on described as its “skin” was far less of their concern. We are now in the era of the appearance, of the skin, of the look. We all experienced users’ bad comments and ratings regarding an extension or an application on the sole basis of its appearance, i.e. “Looks like a crappy application of the nineties”… even when that app runs excellently.
In the same way we tend to give far more importance than in the past to words than to facts. My belief is that this behavior is relevant of a consumer society where brains have become excessively tributary of appearances : in this way we think like marketers want us to think, if things are nicely said we tend to believe theses things are good… and if poorly presented (as here with “required donation” we are inclined to devalue that product.
It has become “it’s not what the product is, it’s the way you present it”
You are diverting from the real issue: what people are expecting to get, based on the “presentation”, and what they really get when the open the package.
There is nothing wrong with demanding a fee for one’s work, but don’t call it a “donation”.
And this has absolutely nothing to do with the value assessment of the product.
It’s called a “Donation” for tax purposes. Your ignorance of tax law does not make it wrong.
From the FAQ on the authors website.
“Why a donation is required to become a registered user ? Isn’t this more actually a sale ?
Because I receive few donations, I (the developer) can’t operate like a real business that sells products. To operate like a real business that sells products I will have to pay more taxes over a year than the donations I receive. Your donation is used to buy software licenses, new hardware, hosting costs for the website. You support the project with your donation and as a reward for your gratitude you receive a lifetime license for all the computers that you own. There is one time donation and you will be a registered user for all versions of all programs from this website. I think this is a fair deal.”
I think it’s more then a fair deal, I think it’s an awesome deal.
>Itâ€™s called a â€œDonationâ€ for tax purposes.
I had forgotten that tax law, indeed. But donations don’t need to be required for an application to run, they can be a simple invitation to the user’s sens of a fair deal. No one is blaming donations as such but rather their link to a fully functional application. On the other hand,
– the word “donation” and its tax purpose pertinence,
– human nature is often more generous when it has something in compensation ;=)
– as you state it, “Your donation is used to buy software licenses, new hardware, hosting costs for the website. You support the project with your donation and as a reward for your gratitude you receive a lifetime license for all the computers that you own.”
How to disagree. Here my concern, personally, was less the “required donation for all functionalities” (even if I felt the oddity before you reminded the tax purpose) but rather that it seemed to be for some users such a concern when reality is — beyond words — 10$ for a time-life license. “I think itâ€™s more then a fair deal, I think itâ€™s an awesome deal.” and I agree.
I forgot to mention, but this is an extra motivated by big thoughts…
Imagine a world where everything is free but relies on users/consumers’ sens of equity, fairness.
It wouldn’t work. Still, I remember a restaurant in Paris where people would pay if and how much with their consciousness and wealth as sole references. I had been told the restaurant made its way, but that was many years ago. Seems idealistic. Reality is far less.
That’s all :=)
If tax is the reason, then make it clear somehow, or flag it as an obligatory donation upfront on the website.
It’s not obligatory for the application to run; it is for the enhanced functions.
@Martin: You call this a standalone programme. How do you define a “standalone” programme? Does it need to be installed or is it portable?
This one is not portable.
I distinguish between extensions/add-ons, and standalone programs. Windows Firewall Control is not an add-on for Windows Firewall or a plugin, but a separate program that taps into the functionality. You are right, it is not portable.
A lot of seemingly retired readers are replying?
Retired? How so?
Waaaay too much time on their hands.
Good grief, some people!
Great software from a developer who interacts with users no matter if they donate or not..And I’m always amazed at some who seem to be hung up on how pretty/colorful the GUI looks rather than what it actually serves to achieve.
how do you allow a program only local connection and not distant connection, since the properties page ask to block or allow at same time locan and distant connections.
for example if you choose “allow” it will allow local AND distant … -.-
I have recently installed Windows Firewall Control on a Windows 10 computer. The program is very useful as it permits me to monitor and control outgoing traffic (using medium filtering mode). However, I have noticed that users that do not have admin privileges are now permitted to disable the firewall, because they can access the WFC application, too. I think this is a severe security problem. Also, if a user can do that, any malware program could do that, too. I was wondering, how WFC prevents malware from just switching off the Windows Firewall by simply accessing the WFC control GUI?
I initially thought that the “Lock” feature may be a way to prevent this, but there is a loop hole. In your users guide you describe a procedure to unlock WFC, if the password was forgotten. This procedure is unsafe (pressing some keys and entering a default master password) and can be executed by anyone.
Shouldn’t WFC enforce the same security policy that the normal Windows firewall has i.e. Firewall rules and state can only be changed by users with Admin rights?