GUI to manage Software Restriction Policy (SRP) and harden Windows

© 2019 Program by @Andy Ful, texts by @shmu26 and @oldschool

Imprint & Privacy Policy (© wim-cms)


Smart Default-Deny Protection

Blocks unsafe files by default, while allowing installation of safe applications through enhanced application of the Windows SmartScreen

Forced Smartscreen

Applies SmartScreen protection even to executables not downloaded from the Internet and lacking “Mark-of-the-Web,” including executables that were uncompressed. It can be set to warn of risky file types.

Blocks Dangerous File Extensions

Prevents user from executing/opening files with dangerous extensions, including up to 249 file types.

Restricts Dangerous Features

Such as: Remote Desktop, Remote Assistance, Remote Registry, Remote Shell, Windows scripting, SMB protocols, and more, thus hardening Windows safely. Includes a list of 170 abusable sponsors and script interpreters that can be optionally blocked, without interfering with the free function of system processes.

What are the advantages of using Hard_Configurator?

Very Lightweight

Hard_Configurator is the lightest solution, because it does not burden the system with any new processes, drivers, services, or scheduled tasks. Its protection works by means of built-in Windows policies stored in the Windows registry, but readily visible and manageable by the user through the Hard_Configurator GUI. Such a setup is highly compatible with Windows systems and various antivirus protections. It does not cause issues with Windows updates or system scheduled tasks, since the relevant policies do not restrict processes initiated at system level.

Protection against harmful documents

Hard_Configurator has a special module for configuring advanced Windows Defender settings, via the ConfigureDefender application. They are especially useful in preventing advanced exploits of Microsoft Office applications and Adobe applications. Even if the user does not use Windows Defender, he can still benefit greatly from the Documents Anti-exploit settings, which block all macros and other active content in documents, when opened in Microsoft Office or in Adobe applications.

Default-Deny Protection

This type of default-deny setup can be used by anyone who desires a higher level of security. It is especially useful for the protection of casual computer users. Hard_Configurator may be used to configure the computer systems of family members and friends. The initial configuration often requires some whitelisting, which should preferably be done by an advanced user, and then users of all levels will benefit from the resulting protection. There is a special default-deny profile that can be used to work with Avast antivirus set to Hardened Aggressive mode. This setup is very convenient for casual users in their typical daily computer use.