How do I get Windows Defender to allow a program?

It's important to have Microsoft Defender Firewall on, even if you already have another firewall on. It helps protect you from unauthorized access.

To turn Microsoft Defender Firewall on or off:

Windows 11Windows 10



1. Select Start  , then open Settings  . Under Privacy & security  , select Windows Security  > Firewall & network protection. Open Windows Security settings

2. Select a network profile: Domain network, Private network, or Public network.

3. Under Microsoft Defender Firewall, switch the setting to On. If your device is connected to a network, network policy settings might prevent you from completing these steps. For more info, contact your administrator.

4. To turn it off, switch the setting to Off. Turning off Microsoft Defender Firewall could make your device (and network, if you have one) more vulnerable to unauthorized access. If there's an app you need to use that's being blocked, you can allow it through the firewall, instead of turning the firewall off.

1. Select the Start  button > Settings  > Update & Security  > Windows Security and then Firewall & network protection. Open Windows Security settings

2. Select a network profile: Domain network, Private network, or Public network.

3. Under Microsoft Defender Firewall, switch the setting to On. If your device is connected to a network, network policy settings might prevent you from completing these steps. For more info, contact your administrator.

4. To turn it off, switch the setting to Off. Turning off Microsoft Defender Firewall could make your device (and network, if you have one) more vulnerable to unauthorized access. If there's an app you need to use that's being blocked, you can allow it through the firewall, instead of turning the firewall off.

Note: If you get errors, or if the setting won't turn on, you can use the troubleshooter and then try again.

Firewalls are there to protect you from threats on the internet (both traffic from the internet and from local applications trying to gain access when they shouldn’t). Sometimes, though, you’ll want to allow otherwise restricted traffic through your firewall. To do so, you’ll have to open a port.

When a device connects to another device on a network (including the internet), it specifies a port number that lets the receiving device know how to handle the traffic. Where an IP address shows traffic how to get to a particular device on a network, the port number lets the receiving device know which program gets that traffic. By default, most unsolicited traffic from the internet is blocked by Windows Firewall. If you’re running something like a game server, you might need to open a port to allow that specific kind of traffic through the firewall.

Note: This article shows you how to open a port on a particular PC’s firewall to let traffic in. If you have a router on your network (which you likely do), you will also need to allow the same traffic through that router by forwarding the port there.

How to Open a Port on Windows 10

Clicking Start, type “Windows Firewall” into the search box, and then click on “Windows Defender Firewall.”

Once Windows Firewall opens, click on “Advanced Settings.”

This launches Windows Defender Firewall with Advanced Security. Click the “Inbound Rules” category on the left. In the far right pane, click the “New Rule” command.

If you need to open a rule for outgoing traffic, instead of clicking “Inbound Rule,” you’d click “Outbound Rule.” Most apps are pretty good about creating their own outbound rules when you install them, but you might occasionally run into one that cannot.

On the Rule Type page, select the “Port” option and then click “Next.”

On the next screen, you’ll have to choose whether the port you’re opening uses the Transmission Control Protocol (TCP) or User Datagram Protocol (UDP). Unfortunately, we can’t tell you specifically which to use because different apps use different protocols. Port numbers can range from 0-65535, with ports up to 1023 being reserved for privileged services. You can find an unofficial list of (most) TCP/UDP ports on the Wikipedia page, and you can also search for the app you’re using. If you can’t determine the specific protocol to use for your app, you can create two new inbound rules—one for TCP and one for UDP.

Select the “Specific Local Ports” option and then type the port number into the field provided. If you’re opening more than one port, you can separate them by commas. If you need to open a range of ports, use a hyphen (-).

Click “Next” when you’re done.

On the next page, click “Allow the Connection” and then click “Next.”

Note: For this guide, we’ll be using the “Allow the Connection” option, as we trust the connection for which we’re creating a rule. If you want a little more piece of mind, the “Allow the connection if it is secure” rule uses Internet Protocol security (IPsec) to authenticate the connection. You can try that option, but many apps do not support it. If you try the more secure option and it doesn’t work, you can always come back and change to the less secure one.

Next, choose when the rule applies and click “Next.” You can choose one or all of the following:

• Domain: When a PC is connected to a domain controller that Windows can authenticate access to the domain.
• Private: When a PC is connected to a private network, like a home network or a network that you trust.
• Public: When a PC is connected to an open network, like a cafe, airport, or library where anyone can join, and the security is unknown to you.

RELATED: What's the Difference Between Private and Public Networks in Windows?

In the final window, give your new rule a name and an optional, more detailed description. Click “Finish” when you’re done.

If you want to disable the rule at any point, locate it in the list of Inbound or Outbound Rules, right-click it, and then click “Disable Rule.”

That’s all there is to it. If you need to open any other ports for a different program or with a different rule, repeat the steps above using a different set of ports to open.