Blocking ChatGPT at work: how to do it (and why blocking alone backfires)
Say you find out a colleague pasted an entire customer list into ChatGPT this morning for a quick summary. Your first instinct makes sense. Get that chatbot out of the company, block it, done.
That instinct isn’t wrong, and sometimes it’s even the right call. But a block doesn’t always solve the problem, and it often creates a new one. Employees move to their phones, a personal account, or the next chatbot you haven’t shut down yet.
This article first shows how to block ChatGPT technically, from a quick fix on a single laptop to a managed rollout across your whole organization, with the commands and settings included. Then we look honestly at where blocking falls apart, when it is the right call after all, and which approach prevents data leaks without frustrating your team.
Can you block ChatGPT at work?
Yes. You can stop ChatGPT at several levels: on the device itself, through your DNS, through browser policy, or at your firewall. Which method fits depends on how many devices you manage and how technical your environment is. None of these methods is watertight, and that’s exactly why the choice between blocking and a smarter approach matters. First the methods.
How to block ChatGPT
We’ll walk through five ways. For each method you’ll see what it costs in effort and where it leaks. One thing up front: ChatGPT runs on several domains. For a working block you at least shut down chatgpt.com, chat.openai.com, and openai.com.
The hosts file (fast, one device)
The quickest way to block ChatGPT on a single computer is the hosts file. You point the domains to an address that leads nowhere, so the browser can’t reach them.
On Windows the file lives at C:\Windows\System32\drivers\etc\hosts, on macOS and Linux at /etc/hosts. Add these lines, you’ll need administrator rights:
0.0.0.0 chatgpt.com
0.0.0.0 chat.openai.com
0.0.0.0 openai.com
We use 0.0.0.0 here instead of 127.0.0.1, so the connection fails immediately rather than pointing to a service on the computer itself.
This works right away, but only on that one device, and anyone with admin rights reverts it in thirty seconds. Good for shutting something down quickly, not as policy for your whole organization.
DNS filtering (every device on your network)
If you don’t want to visit each device, filter at the DNS level. Your DNS resolver then refuses ChatGPT’s domains for everyone working through that network. Tools that do this include Pi-hole (free, self-hosted), NextDNS, and Cisco Umbrella.
The denylist looks the same regardless of the tool:
chatgpt.com
chat.openai.com
openai.com
In Cisco Umbrella you can instead block the entire “Generative AI” category in one go. Handy if you want to catch more than just ChatGPT.
The weak spot of DNS filtering is that it only applies on your own network. An employee who switches to 4G, sets their own DNS server, or turns on DNS-over-HTTPS in the browser walks right around it.
Browser policy through Chrome or Edge (managed devices)
If you manage your devices centrally, for example with Microsoft Intune or group policy, browser policy is the cleaner route. Chrome and Edge both have the URLBlocklist policy for this.
On Windows you set it in the registry. For Chrome:
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Google\Chrome\URLBlocklist]
"1"="chatgpt.com"
"2"="chat.openai.com"
"3"="openai.com"
For Edge the path is HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Edge\URLBlocklist, with the same numbered values. If you roll it out through Intune or another MDM solution, you usually supply the same list as JSON:
{
"URLBlocklist": ["chatgpt.com", "chat.openai.com", "openai.com"]
}
You can also flip it around. Block everything with the value *, and use URLAllowlist to open only the tools you do allow. That’s stricter, but then you have to keep track of what you open up. The details of this policy are in the Chrome and Edge documentation.
The policy only applies to the browser you manage. If someone installs Firefox or grabs their phone, you fall back on the other methods.
Firewall or secure web gateway (network-wide)
At the network level you block ChatGPT at your firewall or through a secure web gateway. Many business firewalls from Fortinet or Palo Alto have a ready-made category for generative AI you can switch on in a single rule. A secure web gateway like Zscaler or Netskope does the same, and can inspect the traffic instead of just refusing it.
This covers every device on your network at once and is harder to bypass than a hosts file. The downside is the cost and the management. And the moment a laptop leaves the office network, the rule no longer applies, unless you force all traffic through the gateway.
Let your team use AI. Without the data leaks.
Redactprompt strips national IDs, IBANs and customer data from the prompt locally, and gives you central policy and visibility per chatbot. Free to start, no credit card.
Why blocking alone often doesn’t work
So you can shut ChatGPT down just fine. The problem is what happens next.
People use AI because it makes their work faster, and that need doesn’t disappear when you block a domain. Research by Software AG (2024) among 6,000 knowledge workers found that 46% keep using AI tools even when their employer explicitly forbids it. They grab their phone, send the text to a personal email address, or take a photo of the screen to feed into ChatGPT at home. The detour is often riskier than the route you just closed.
On top of that, a block is reactive. Samsung learned this in 2023. Only after employees pasted sensitive source code into ChatGPT did the company ban generative AI internally. The ban came after the leak. The data was already on an external server by then, and you don’t get that back.
And you never block everything. Shutting down ChatGPT doesn’t mean Copilot, Gemini, Claude, or DeepSeek are closed off too. Before you know it you’re playing a game where you block domain after domain while your employees have already found the next tool.
When a hard block is the right call
Sometimes blocking is exactly what you should do.
For chatbots you really don’t want data going to, a hard block is defensible. DeepSeek is the clearest example. In February 2025 the Dutch government banned the tool for civil servants, because the data entered can end up in China. If you’re in a sector where that kind of data traffic simply isn’t allowed, blocking that specific service is a sensible measure.
A block can also be useful temporarily. If you don’t have an AI policy yet and don’t know what’s going on, it buys you some quiet. Just treat it as a pause button, not the solution. Because the moment pressure builds, the workarounds start.
The smarter route: block where you must, redact where you can
Most organizations don’t want to choose between everything closed and everything open. You want your team to use ChatGPT and Copilot, because it genuinely saves time, but without customer data or source code going out the door.
You can do that with control at the moment of pasting instead of a block up front. Rather than barring the whole chatbot, you scan the prompt before it’s sent. If it contains a national ID, an IBAN, an API key, or a piece of source code, you step in there. The employee gets a warning, or the sensitive data is automatically redacted or replaced with fictional values. The chatbot still gives a usable answer, just without the real data.
Redactprompt works this way. Detection and redaction run entirely locally in the browser, so no text goes to an external server to be checked. You set what’s allowed per chatbot: allow ChatGPT but block DeepSeek, turn off file uploads without barring the whole tool, or always stop certain data types. That’s the granular control a domain block can’t give you.
No measure catches everything, and we don’t claim it does. But by stepping in at the moment things go wrong, instead of putting up a wall people walk around, you protect the data without wrecking productivity.
How do you keep a grip after that?
Blocking or redacting is one side of the story. The other side is keeping sight of what’s happening. You can’t manage something you can’t see, and at most organizations that visibility is missing entirely.
A dashboard showing which chatbots are used and how much sensitive data was stopped per department gives you that grip back. Not by reading along with what your colleagues type, but by showing where the risk sits. That way you back your AI policy with numbers instead of a gut feeling.
And that policy is no longer optional. Since February 2025, the EU AI Act requires organizations to ensure AI literacy. Your people need to know enough to use AI responsibly, and putting a technical safety net under that is part of it. For more on the numbers and the regulations, read How to stop company data from leaking into ChatGPT.
Frequently asked questions
Is my employer allowed to block ChatGPT?
Does a block also work on an employee's phone?
Can I block the free version of ChatGPT and allow the paid one?
Is blocking enough to comply with the GDPR?
Want to enable ChatGPT and other chatbots safely instead of shutting them down? You can try Redactprompt for free with no strings attached, or get in touch to discuss the options for your team.
Prevent data leaks to AI chatbots
Redactprompt detects and protects sensitive data before it reaches an AI chatbot. Fully local in your browser.