Are you worried about the security of your Windows PC? One way to protect your computer is to turn off Windows PowerShell and Command Prompt, which is considered a double-edged sword.
While they help administrators and developers perform different tasks, malicious actors can also use them to compromise your data. To prevent that from happening, you must disable these command line tools when not in use. We will show you how to disable Windows PowerShell and Command Prompt. So let’s get started.
Why you should disable Command Prompt and Windows PowerShell
Disabling powerful command line tools like Command Prompt and Windows PowerShell can be an effective method to enhance the security of your system and protect it from malicious threats. Here are some important reasons why you should disable Windows PowerShell and Command Prompt:
- Malicious actors can use Command Prompt and PowerShell to launch malware attacks and run malicious scripts on your computer.
- Inexperienced users may accidentally run some commands in these command line tools. This can make your system unstable.
- These tools can be used to gain administrative access to the system and lead to malware attacks.
How to Disable Windows Command Prompt
There are two methods to disable Windows Command Prompt on your computer: one is through the Registry Editor and the other is through the Local Group Policy Editor. Let’s examine both methods in detail:
1. Use Registry Editor
Registry Editor contains registries that you can configure to change system behavior. By accessing the Command Prompt registry in there, you can configure the settings to disable the Command Prompt. Here’s how to do it:
Note: Editing the Registry is risky, as one wrong operation can harm your computer. To prevent that from happening, you must back up the registry and create a restore point. Doing this ensures you can easily recover your data if something goes wrong.
Step 1: Press the Windows + R key combination to open the Run tool.
Step 2: Enter re-edit in the search bar and press Enter. This will open the Registry Editor.
Step 3: In Registry Editor, go to the following location:
HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows
Step 4: Right-click the Windows key, move the mouse pointer to New and select Key.
Step 5: Name the key System.
Step 6: Right-click the System key, put the mouse pointer on New, and select DWORD (32-bit) Value.
Step 7: Name the value DisableCMD.
Step 8: Double-click the DisableCMD value, type first under Value data and click OK. This will disable the Command Prompt.
To enable Command Prompt, type 0 in Value Data and save the changes.
2. Use the Local Group Policy Editor
The Local Group Policy Editor is another important Windows tool that allows you to configure your computer policies. You can use this tool to stop Command Prompt access for non-admin users. Follow these steps to do that:
The Local Group Policy Editor is only available for Windows Professional, Education, and Enterprise editions. If you’re using the Windows Home edition, you’ll get an error message saying ‘Windows could not find gpedit.msc’ when trying to access the Local Group Policy Editor. Fortunately, you can fix this error easily. Check out our guide to fix missing gpedit.msc and access the Local Group Policy Editor on Windows Home edition.
Step 1: Open the Run tool, type gpedit.msc in the search bar and click the OK button.
Step 2: Go to the following location in the Local Group Policy Editor:
User Configuration\Administrative Templates\System
Step 3: Double-click the ‘Prevent access to command prompt’ policy in the right pane.
Step 4: Select the Enabled option. Then click Apply and OK. This will disable the Command Prompt.
To enable Command Prompt, select the Disabled or Not Configured option. Then click Apply and OK to save the changes.
How to Disable Windows PowerShell
Just like the Command Prompt, there are two tools available to disable Windows PowerShell: one is the Local Security Policy and the other is the Local Group Policy Editor. Continue reading to know how to use these tools to disable PowerShell.
1. Use Local Privacy Policy
Local Security Policy is a built-in Windows tool that allows you to make security changes to your computer. You can also use this tool to disable Windows PowerShell. This is the way:
Step 1: Open the Run tool, type secpol.msc in the search bar and click OK.
Step 2: Right-click ‘Software Restriction Policy’ in the left sidebar, then select ‘New Software Restriction Policy’ from the context menu.
Step 3: Right click on Additional Rule and select ‘New Hash Rule’.
Step 4: Click the Browse button.
Step 5: Paste the following address into the address bar and press Enter:
%SystemRoot%\SysWOW64\WindowsPowerShell\v1.0
Step 6: Select the PowerShell.exe file and then click the Open button.
Step 7: Click Apply and then OK to save the changes.
2. Use the Local Group Policy Editor
The Local Group Policy Editor contains a Windows PowerShell policy that you configure to prevent PowerShell access to non-administrators. Follow these steps to configure this policy:
Step 1: Launch the Run tool, type gpedit.mscthen click OK.
Step 2: Navigate to the following location:
User Configuration\Administrative Templates\System
Step 3: Double-click the ‘Do not run specified Windows applications’ policy.
Step 4: Select the Enabled option and then click the Show button.
Step 5: Enter powershell.exe in New shell and then click OK.
Step 6: Click Apply and then OK to save the changes.
Protect Your Computer
If you share your computer with others, it’s important to turn off Command Prompt and Windows PowerShell when not in use. You can disable these tools using the methods above. Let us know in the comments which method above is the easiest.
Categories: How to
Source: thpttranhungdao.edu.vn/en/