FW configuration for svchost.exe?

try under different name
https://www.wilderssecurity.com/showpost.php?p=1694855&postcount=9

 

Most people run not safe. I've not a static IP, I do a rule for DNS on port 53 for the very few applications that I allow to connect.

 

Here are where I learned what little I know about svchost. Older threads but still very worthy for handling basic services. One is for Kerio 2.1.5 and the other for Outpost, but it should shed some light on how to restrict svchost.

BZ Kerio 2x Default Replacement
A Guide to Producing a Secure Configuration for Outpost

I've also attached an image of my "interpretation" (from Kerio but soon to be OA) of the above and have been running this way for years without issue, but then I don't know how it would stand up under a severe threat. I'm no firewall guru, I just put this together from the above two threads.

 

Your "svchost 80,443" rule opens a very large hole to the svchost process and does the opposite of what the OP is trying to accomplish. You should at a minimum limit this rule to Microsoft's IP ranges. The only time svchost has tried to connect out via ports 80 and 443 on my machine is during Windows Update sessions which I run manually and allow manually.