How to add Internet Explorer security zones

When five Internet security zones aren't enough, here's how you can add more levels for finer control over content.

This tip originally appeared on SearchWindowsServer.com, a sister site of SearchSMB.com.

Internet Explorer (IE) lets you segregate visited sites and intranet locations into different security zones, each of which can be handled differently as needed. By default, Internet Explorer has five security zones: My Computer, Internet, Local Intranet, Trusted Sites and Restricted Sites. Sometimes having only five levels of granularity isn't enough, and you may want to add more levels for finer control over content.

Internet Explorer security zones are not fixed in stone; they are controlled through the Registry and can be customized to a degree. Adding a new zone actually isn't that difficult, although you do need to make sure you're not damaging or overwriting an existing one. The new zone, like other zones, can be attributed to specific sites and have its own set of restrictions or allowances.

To create a new Internet Explorer security zone, open the Registry and navigate to HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones. Inside Zones are five subkeys, labeled 0-4, each of which holds the settings for the different IE security zones. Right-click on 2 (Trusted Sites) and export it to a .REG file. Edit the .REG file in Notepad (or another text editor) and modify the following:

  • Rename the keyname, which is in square brackets at the top of the file. If you have 0 to 4 in existence, change the "2" at the end of the keyname to a "5." This will save all the new zone information in a subkey named 5.
  • Change the DisplayName and Description text strings to whatever the name and description of the new zone is to be.
  • Change the Icon string, too, and point it to another icon group (not an icon file itself, but an icon group in an existing resource like a .DLL) so the new zone will have a distinct icon. (If you don't know how to do this, you can change this string to inetcpl.cpl#1307 as a quick way to set it apart from the other icons.)

Save the .REG file and double-click it to add it to the Registry, then reboot. You should see a new icon in the Security tab for Internet Properties that corresponds to the new zone. Then, just set sites and security properties for it.

Serdar Yegulalp is editor of "The Windows Power Users Newsletter."


This was first published in May 2005

Dig deeper on Data centers and virtualization for Small Business

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

SearchCompliance

SearchHealthIT

SearchCloudComputing

SearchMobileComputing

SearchDataCenter

Close