How does localhost 127.0.0.1 work?

I won't talk about the Windows case here, because it's a bit different, but let's say this: In every* Unix-like operating system, you have two network devices:

  • A loopback device
  • An Ethernet device

The first one is purely "virtual". It's like an Ethernet plug that you can't see. The second one has to do with the Ethernet plug in your computer.


What does the loopback interface do? All traffic that you send to loopback will come back.

Just as your Ethernet device gets an IP address (for example 192.168.1.20), the loopback device will also have an IP address, namely 127.0.0.1. To make it easier, you can also reach it as localhost.

If you have a look at a typical Unix /etc/hosts file, you will see that 127.0.0.1 is mapped to "localhost". So whenever you type "localhost", your computer will know to call 127.0.0.1.

And this is the reason why you can "block" applications. Let's say you don't want your computer to send data to Microsoft. Then you could simply redirect every request to microsoft.com to 127.0.0.1 instead. Every attempt to contact microsoft.com would result in a failure.

* every system that actually has a hardware Ethernet port
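The round trip the answer describes, as an added Python example (not part of the original answer): a TCP listener is bound to 127.0.0.1 and contacted from the same process; the peer address the listener sees is 127.0.0.1, which is the practical sign that the bytes never left the machine. The payload is constructed for the demonstration, and the kernel picks the port (port 0), so nothing about the host's real interfaces is assumed.

```python
import socket
import threading


def loopback_echo_roundtrip(payload: bytes) -> tuple[bytes, str]:
    """Bind a listener to the loopback address, connect to it from this same
    process, send `payload`, and return (bytes echoed back, peer address the
    listener observed). The peer address is 127.0.0.1: loopback traffic is
    delivered back to the host that sent it and never reaches the Ethernet device.
    """
    listener = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    listener.bind(("127.0.0.1", 0))          # port 0: let the kernel choose a free port
    listener.listen(1)
    port = listener.getsockname()[1]
    seen_peer: list[str] = []

    def serve() -> None:
        # Accept one connection, read until the client closes its write side,
        # then echo everything back.
        conn, addr = listener.accept()
        with conn:
            seen_peer.append(addr[0])
            chunks = []
            while True:
                data = conn.recv(65536)
                if not data:
                    break
                chunks.append(data)
            conn.sendall(b"".join(chunks))

    server = threading.Thread(target=serve, daemon=True)
    server.start()

    with socket.create_connection(("127.0.0.1", port), timeout=5) as client:
        client.sendall(payload)
        client.shutdown(socket.SHUT_WR)   # signal end of request
        chunks = []
        while True:
            data = client.recv(65536)
            if not data:                   # server closed: echo is complete
                break
            chunks.append(data)

    server.join(timeout=5)
    listener.close()
    return b"".join(chunks), seen_peer[0]


if __name__ == "__main__":
    echoed, peer = loopback_echo_roundtrip(b"ping over loopback")   # constructed payload
    print(f"echoed={echoed!r} peer={peer}")
```

Because the listener is bound to 127.0.0.1 rather than 0.0.0.0, a client on another machine cannot reach it even if it knows the port: that is the reason local-only services (database admin ports, debug endpoints) should bind to loopback rather than to every interface.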


Internet Protocol (IP) addresses fall in one of four basic categories.

  1. Addresses used to communicate with other computers around the world,
  2. Addresses used to communicate with computers just within a specific company or network,
  3. Addresses used to broadcast information between computers on a network,
  4. Addresses used to allow a computer to talk to itself.

By agreement, 127.0.0.1 is one of those addresses that fall in the last of those categories.

As humans, we don't tend to remember IP numbers very well, but we have no problem remembering names like superuser.com, www.google.com, and other similar names. When the internet was small (very small), humans shared a "hosts" file with other people on the internet so they didn't have to remember numbers. That hosts file contained pairs of an IP address and one or more host names. When someone tried to access a host by its name, the computer software knew enough to go look it up in the hosts file. The internet has grown so much since then that we now use the domain name system (DNS) to resolve names to IP numbers, in addition to using the old-style hosts file. Most computers are set up to look up names in the hosts file first, then in DNS if that fails.

Now that you have the background, here's how it works (usually):

    127.0.0.1 localhost
    127.0.0.1 www.foo.com
    127.0.0.1 foo.com

When you add this entry to your hosts file, any time your computer tries to look up www.foo.com, it will try to reach that site on the IP address 127.0.0.1 because you told it that is the Internet address for www.foo.com. Remember that 127.0.0.1 will allow a computer to talk to itself, so attempting to go to 127.0.0.1 in your browser will try to contact a web server on your computer. If you had put in 2.3.4.5 instead of 127.0.0.1, it would have tried to contact the computer at address 2.3.4.5 when opening up www.foo.com.

The bad thing about using the hosts file for things like this is that once you add an entry to the hosts file, you are assuming responsibility for keeping that information up to date. If you don't put the entry in your hosts file, your computer will try to use DNS to look up the IP address, then use that IP address to contact the server.

The good thing about it is that if you never want anyone on your computer to reach www.foo.com by its host name, adding the entry to your hosts file may (keyword: may) prevent that from happening. If the goal is to prevent ever reaching a particular site by any means (not just by host name), there are better and more reliable ways to prevent that from happening, like properly using a firewall.
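The lookup order the answer describes (hosts file first, then DNS) and the "may" caveat at the end, as an added Python example that is not part of either answer. The hosts file content is constructed for the demonstration, a `fake_dns` callback stands in for a real DNS query, and the parser keeps one address per name (the first match wins), which is a simplification of the system resolver's behaviour of returning every matching address. The last function shows why a hosts entry is not a block: a literal IP address, or a name the file does not list, never consults the hosts table at all.

```python
import ipaddress
from typing import Callable, Optional

# Constructed sample hosts file for this example (not a real system file).
SAMPLE_HOSTS = """\
# comments and blank lines are ignored
127.0.0.1   localhost
::1         localhost ip6-localhost

127.0.0.1   www.foo.com
127.0.0.1   foo.com
0.0.0.0     ads.example      # some blocklists use 0.0.0.0 instead of 127.0.0.1
not-an-ip   bogus.example    # malformed line, must be skipped rather than trusted
"""


def parse_hosts(text: str) -> dict[str, str]:
    """Return a name -> address map from hosts-file text.

    Lines are 'ADDRESS NAME [NAME...]', '#' starts a comment, names are
    case-insensitive, and the first line naming a host wins (later duplicates
    are ignored). Lines whose address field is not a valid IP are dropped.
    """
    table: dict[str, str] = {}
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        fields = line.split()
        addr, names = fields[0], fields[1:]
        try:
            ipaddress.ip_address(addr)          # validate before accepting the mapping
        except ValueError:
            continue
        for name in names:
            table.setdefault(name.lower(), addr)   # first entry wins
    return table


def resolve(name: str, hosts: dict[str, str],
            dns: Callable[[str], Optional[str]]) -> tuple[Optional[str], str]:
    """Resolve `name` the way the answer describes: hosts file first, DNS second.
    Returns (address, source) where source is 'hosts' or 'dns'."""
    key = name.lower().rstrip(".")              # trailing dot = fully qualified name
    if key in hosts:
        return hosts[key], "hosts"
    return dns(key), "dns"


def target_address(target: str, hosts: dict[str, str],
                   dns: Callable[[str], Optional[str]]) -> tuple[Optional[str], str]:
    """Address a client would actually contact for `target`.

    This is the caveat behind 'may': if `target` is already an IP literal,
    no name lookup happens and the hosts file never gets a say.
    """
    try:
        return str(ipaddress.ip_address(target)), "literal"
    except ValueError:
        return resolve(target, hosts, dns)


if __name__ == "__main__":
    hosts = parse_hosts(SAMPLE_HOSTS)
    fake_dns = lambda name: "203.0.113.10"      # constructed stand-in for a DNS answer
    for target in ("www.foo.com", "cdn.foo.com", "203.0.113.10", "ads.example"):
        print(target, "->", target_address(target, hosts, fake_dns))
```

Running it shows www.foo.com pinned to 127.0.0.1 by the hosts file, cdn.foo.com falling through to DNS because the file does not mention it, and the bare address 203.0.113.10 going straight out with no lookup at all. Both of the last two are exactly the gaps the answer has in mind when it points to a firewall for reliable blocking.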