Disable Windows PowerShell with PowerShell Protect

Daily PowerShell #48

December 2, 2021

Discuss this Article

In this post, we’ll look at how to use PowerShell Protect to prevent Windows PowerShell from executing.

PowerShell Protect is a solution for auditing and blocking PowerShell scripts on Windows. You can define rules and actions to take when conditions are met. The following condition checks the application name property to verify if Windows PowerShell is executing. The action is then to block the execution of the script.

$Condition = New-PSPCondition -Property "ApplicationName" -Contains -Value "powershell.exe"
$BlockAction = New-PSPAction -Block
$Rule = New-PSPRule -Name "Block" -Condition $Condition -Action @($BlockAction)

$Configuration = New-PSPConfiguration -Rule $Rule -Action $BlockAction
Set-PSPConfiguration -Configuration $Configuration -FileSystem

The result is that you can execute PowerShell 7 scripts but not Windows PowerShell scripts.

Find this useful? Please consider sharing this article. Have a question about PowerShell? Contact us and we'll write a post about it.

Ironman Software Forums

Continue the conversion on the Ironman Software forums. Chat with over 1000 users about PowerShell, PowerShell Universal, and PowerShell Pro Tools.

Join Now

Ironman Software Newsletter

Receive once-a-month updates about Ironman Software. You'll learn about our product updates and blogs related to PowerShell.