You might be able to do that by plugging some firewall that knows how to deal with "packet owners", denying all connections to your local web server if the outgoing packet does not come from "The user".

Here's a Linux example, assuming that user's ID is 1234 and the web server runs only on local interface (lo), on TCP port 80:

 # iptables -A OUTPUT -p tcp -m owner --dport 80 -o lo+ ! --uid-owner 
+1234 -j DROP
[download]