oreilly.comSafari Books Online.Conferences.


AddThis Social Bookmark Button

Kill Internet Ads with HOSTS and PAC Files
Pages: 1, 2

What Are PAC Files?

Proxy Automatic Configuration (PAC) files were introduced by Netscape with the release of JavaScript back in 1996, and all modern browsers support them, including Internet Explorer and Opera. PAC files consist of JavaScript defining the function FindProxyForURL(url, host), and are saved with the file type .pac. The return value for this function says whether to use a proxy for this URL, a SOCKS proxy, or connect directly. If your browser is configured to use a PAC file, the FindProxyForURL function is called every time your browser attempts to access a URL, even if JavaScript is turned off in your browser.

PAC files support some special functions, two of which are useful for blocking ad sites:

  • This detects whether the URL host name belongs to a given DNS domain:

    dnsDomainIs(host, domain)
  • This checks whether str (could be the URL or host name) matches a shell expression:

    shExpMatch(str, shexp)

To block ads, your FindProxyForURL function will contain an if statement that describes all the ad sites, and perhaps another if statement with a white list. The basic structure looks like this:

// Allowed sites
function FindProxyForURL(url, host)
    if (0
        || dnsDomainIs(host, "")
        || {{continue with exception list}}
        return "DIRECT";

// Blocked sites (ad servers or others)
if (0
    || shExpMatch(url, "*.ad.*")
    || {{continue with disallowed list}}
    return "PROXY localhost:3421";

(The zero is only there to line up the JavaScript statements.)

Note that the blocked sites are redirected to port 3421 of localhost. If you're not running a web server on your computer, you can specify port 80 here, and that will work with all browsers. But if you are running a web server, specifying port 80 will trigger the "Enter network password" dialog.

Redirecting to an unused port like 3421 causes no problems for IE or Mozilla, but Opera will pop up an error message complaining that there is no proxy at that address. The solution to this problem is the special purpose web server mentioned earlier.

It's good to understand how PAC files work so you can modify them if necessary, but you don't have to start from scratch. John R. LoVerso provides a very good ad-blocking PAC file with detailed comments here. Open the file in WordPad for editing; Notepad won't show the line breaks.

Once you have the PAC file, you have to tell your browser to use it. The location of the setting is a little different in each browser, but in general you'll find it among the network or connection settings. You specify the file using a syntax like this:


If you are using Internet Explorer, you have to change two other settings. Open the Internet Options dialog and click on the Security tab. Select "Local intranet" and click the "Sites…" button. Uncheck the box labeled "Include all sites that bypass the proxy server."

One other change is necessary. You must turn off the auto-proxy caching mechanism, since it prevents being able to restrict some server content while allowing other content. Unfortunately, there is no interface to this setting in the Internet Options dialog, but you can use a clever .REG file to not only change the option, but add a checkbox for it on the Advanced page of the Internet Options dialog. This .REG file was written by Bill Talcott. Open Notepad, copy and paste these lines, save it with the file type .reg, then double-click on the file to load the settings into the registry:


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AdvancedOptions\PAC]
"Text"="Automatic Proxy Configuration"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AdvancedOptions\PAC\PROXYCACHE]
"RegPath"="Software\\Policies\\Microsoft\\Windows\\CurrentVersion\\Internet Settings"
"Text"="Use automatic proxy result cache (UNCHECK for no-ads)"
[HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings]

The BlackHoleProxy Utility

As mentioned earlier, when using the HOSTS file or a PAC file to redirect ad servers, it's a good idea to run a small, single-purpose web server on the loopback address that responds to requests with a transparent bitmap. This is what BlackHoleProxy does, and it can be used with HOSTS files, PAC files, or both. You can download BlackHoleProxy for free, with source code.

You may have heard of a similar utility called eDexter that is free for personal use. BlackHoleProxy has some important options that eDexter lacks. It allows you to configure the port to use, which is crucial if you're running a web server on your computer. Another option lets BlackHoleProxy respond to computers other than localhost so it can be shared on a network. eDexter only offers this option in the paid version. Also, eDexter handles PAC files in a nonstandard way. You have to enter settings into an eDexter data file using a proprietary syntax, and the actual PAC file is generated on the fly.

Although BlackHoleProxy has all the features you might need, the interface is bare bones. There is no install program and no user interface. Options are set through the command line. For easy access, you can create shortcuts for the command-line options you think you'll need, plus another shortcut pointing to the documentation, and then create a folder for these in your Start menu.

Figure 2
Figure 2. Shortcuts to BlackHoleProxy options in Start menu.

To use BlackHoleProxy with an ad-blocking HOSTS file, you must set it to port 80 by launching it with this command line:

BlackHoleProxy -port 80

If you're running a web server on your computer, you should use a PAC file rather than the HOSTS file to block ads so you can change to a port that doesn't conflict. By default, BlackHoleProxy uses port 3421 because it was designed to be used with the No-Ads PAC file.

Last but not least, don't forget to clear your browser's cache after setting up your ad-blocking HOSTS or PAC file, or the ads will be retrieved from your cache.

Sheryl Canter has been a Contributing Editor to PC Magazine since 1993, a software developer since the early 1980's, and was the editor of PC Magazine's Utilities column from 1993-2002.

Return to