sfw/fix
ERR_BLOCKED_BY_ADMINISTRATOR medium

ERR_BLOCKED_BY_ADMINISTRATOR (managed-policy URL block)

A Chrome or Edge group policy (URLBlocklist) on a managed device or network is denying the site outright.

What you see

This page has been blocked by your administrator
Try contacting your system admin if you think this is a mistake.
ERR_BLOCKED_BY_ADMINISTRATOR

What’s actually happening

The browser is enforcing a managed policy. An IT admin (or, occasionally, malware) added the URL to Chrome's URLBlocklist, and the browser refuses to load it before any network request goes out. This hits Chrome and Edge alike because both honor the same enterprise policy keys. On a work laptop or a school network it's expected — the admin set it. On a personal machine where you never set up management, it's a red flag: some adware injects a managed policy to lock you onto or away from certain sites. chrome://policy is where the truth lives.

Common causes

  • An enterprise URLBlocklist policy pushed via MDM, Google Admin console, or Windows Group Policy targeting the domain
  • A school, library, or corporate network applying a content-filtering policy to managed browsers
  • A wildcard blocklist entry (e.g. blocking a whole TLD or a category) that catches the site as collateral
  • Malware or a PUP that injected a managed policy on a personal device to block security/AV sites or force redirects
  • A leftover policy from a previous device-management enrollment that was never cleaned up

How to fix it

  1. Open chrome://policy and reloadGo to chrome://policy (or edge://policy), click Reload policies, and look for URLBlocklist. Expand it to see the blocked patterns and check that Status reads OK. This shows you exactly what's blocked and confirms a policy — not a server — is the cause. The 'Policy name' column also shows the source: cloud (Google Admin) vs platform (local GPO/registry).
  2. If it's a managed work/school device, ask ITOn a legitimately managed device you can't and shouldn't override this yourself — the policy is enforced at the OS level. Contact the admin with the exact URL and ask them to allowlist it (URLAllowlist) or remove it from URLBlocklist. There is no client-side workaround that isn't a policy violation.
  3. Check whether the device is actually managedchrome://management tells you if the browser is enrolled. If it says the browser is NOT managed but you still see policies, something installed them locally — that's the malware case, not a real admin.
  4. Remove a malware-injected policy (personal device)On Windows, check the registry under HKLM\SOFTWARE\Policies\Google\Chrome\URLBlocklist and HKCU\...\Chrome for entries you didn't create, and run a reputable malware scan (Malwarebytes). On macOS, look for a Chrome configuration profile in System Settings -> Privacy & Security -> Profiles and managed .plist files under /Library/Managed Preferences. Remove the rogue profile, then re-check chrome://policy.

Stop it recurring

On personal machines, don't install browser extensions or 'free' software from unknown sources, and review chrome://policy if a managed policy ever appears unexpectedly.

Related errors

net::ERR_BLOCKED_BY_CLIENT (request blocked client-side)

low

The browser — not your server — blocked a resource, almost always an ad blocker or privacy extension matching it against a filter list.

Google Safe Browsing "Deceptive site ahead" warning

critical

Google Safe Browsing flagged the site for phishing or malware, so Chrome shows a full red interstitial before the page loads.

IP listed on Spamhaus blocklist (DNSBL)

high

Your sending IP is on a Spamhaus DNSBL as a spam source or compromised host, so receiving mail servers reject your messages.

Microsoft Defender SmartScreen "This site has been reported as unsafe"

high

Your URL matched Microsoft's reported-sites list, so Edge blocks the page with a SmartScreen interstitial before it loads.