A domain name isn’t actually the location of a website; it’s just a memorable name that’s associated with an Internet Protocol address, which is a considerably less memorable series of numbers, such as 18.104.22.168. Whenever you enter a domain name in your browser’s address bar, the browser connects to a Domain Name System server and is then redirected to the correct IP address from which the website is delivered.
In between your browser and the DNS server is your local Hosts file, which also associates domain names with IP addresses (even though it has no such entries by default). Whenever a browser requests a domain name, Windows reads this file to see if there’s an entry for the entered domain name. If there is, then Windows uses the Hosts file’s associated IP address and bypasses the DNS server entirely.
You can capitalize on this behavior by redirecting a domain request to any IP address you desire, including one typically associated with an entirely different domain. However, if your intention is the block the site, pointing to your localhost IP address works just fine. With this approach, requests for the blocked domain are directed to your localhost, which Windows won’t be able to find, so the domain fails to resolve.
The danger of this system is malware can potentially use the Hosts file to perform nefarious deeds. As an example, if malware changes the Hosts file to point mail.google.com to a hijacker’s Gmail-mimicked website, you might not realize you’re on the wrong site, because even the address bar would say you’re at the right place. Therefore, you enter your username and password hoping to check your Inbox, but instead deposit your login details directly into malicious hands.
Windows 8 recognizes this risk, so Windows Defender scans for changes in the Hosts file, including your changes. If it detects a change, it restores the original file, figuring the change was the result of malware. That’s thoughtful of them, but it plays havoc on your attempts to block sites. Therefore, to ensure your Hosts entries remain, you need to bypass Windows Defender by adding the Hosts file to your exclusion list and then configure the Hosts file.