IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more

What is a web filter?

We look at best ways to block, hide, or flag undesired search engine results

Internet browsers do not come with filters, a problem that plagues workplaces and schools alike.

According to InsideView, Americans spend 10 work minutes a day watching soccer, which translates to a whopping $121.7 million in lost productivity. Many universities have found themselves in a similar bind, as workarounds help students circumvent firewalls, and the same is true of public libraries seeking to limit visitors’ access to social media networks.

Malware lurking on seemingly innocuous websites is another cause for concern. In a 2020 Twitter hack that targeted Tesla CEO Elon Musk and former US presidents, among others, scammers netted $121,000 from over 400 Bitcoin transactions.

Web filters help administrators mitigate issues by blocking inappropriate sites. 

Typically imposed without consent, web filtering is comparable to internet censorship. Web filtering helps enterprises identify and disable access to websites that pose a security risk or hinder employee productivity in its most basic form.

Read on to discover different types of filters, customizations, specific use cases, and more.

Web filtering methods

There are three key ways web filters determine which sites are safe and which to block. These processes are as follows. 

1. Whitelists and blacklists

By and large, filters for the web rely on whitelists or blacklists.

The former includes a list of domain names, URLs, and ports an organization deems appropriate and safe for use. A whitelist is also known as an allowed list. 

Blacklists or blocked lists do the opposite; they prevent users from accessing specific websites. Each site is manually entered or imported from a database that constantly updates links to potentially harmful or counterproductive websites.

2. Keyword filtering

A keyword-based filter restricts access to websites containing offensive, derogatory, or obscene words. 

Even with its broad scope, a keyword filter is far from perfect. Numerous domains and accounts are denied registration due to overly restrictive filters. In addition to blocking legitimate websites, false positives can also cause social unrest.

For instance, a news site owned by the anti-LGBT American Family Association replaced every use of "gay" with "homosexual" in a 2008 article about sprinter Tyson Gay, referring to him as “Tyson Homosexual.”

Related Resource

Challenging the rules of security

Protecting data and simplifying IT management with Chrome OS

Whitepaper front coverFree download

In April 2021, Facebook's algorithm took down the official page of French town Bitche. When Facebook learned of the error, it apologized and restored the page.

3. Category filtering

Web category filtering blocks websites based on the category of content they contain. Web filters typically censor topics such as pornography, violence, and hate. When combined with keyword filters, category filters provide greater accuracy.

Types of web filters

On top of the various filtering methods, there are several types of filters, ranging from your ISP blocking a site to a simple search engine filter. 

1. Domain name system filter

Domain names are human-friendly representations of IP addresses. Despite being easy to remember, they are specific to each website. For example, the domain name of Yahoo is “yahoo.com.” 

Domain name system (DNS) translates domain names into machine-readable IP addresses. 

When users type a domain name into their browser, their device sends a DNS query to a DNS resolver, a webserver dedicated to handling DNS queries.

By intercepting DNS queries that precede HTTP connection requests, DNS filters block access to a domain. Essentially, a DNS filter blocks a website and its associated web pages. 

This is an all-or-nothing approach, as DNS filters do not support selective blocking.

2. Internet service provider-level filter

As misinformation, clickbait, and hate speech rise, governments are compelled to enact new and ingenious control measures. One such solution is to have an internet service provider (ISP) install a limiting filter.

Content-limited ISPs restrict access to a set portion of the internet, eliminating all sites the government deems inappropriate. As guidelines are subject to change, most ISPs offer the ability to lock or unlock their services dynamically.

By and large, subscribers do not have an option to opt out of this network-level filter. ISPs also work to block malicious websites that trick users into revealing sensitive information, such as usernames, passwords, and credit card numbers.

3. Search engine filter 

The internet is home to close to a billion websites, making it nearly impossible to manually bar illicit videos, images, and content from search results. There are, however, search-engine-based security layers.

Search engines, such as Google and Bing, offer a safety filter. When turned on, the safe search filter prevents explicit content, such as pornography, from appearing in search engine results pages (SERPs). 

Nevertheless, safety filters cannot prevent users from navigating directly to explicit websites.

4. Browser-based filter 

Browser-based filters are typically lightweight, easy-to-install extensions. Despite their limited scope, extensions remain a popular choice among users seeking fewer distractions.

A case in point is StayFocused, a productivity extension for Google Chrome. StayFocused lets you whitelist websites during a specific period, allowing you to indulge in some calculated idle browsing. 

Once you reach your time limit, the blocked sites remain inaccessible for the remainder of the day. You may also block an entire website or selectively exclude subdomains.

Though they are effective, you can easily circumvent browser-based filters by switching browsers. For instance, if you block Facebook on Chrome, you can still access it through Firefox

Considering how easy it is to bypass browser-based filters, businesses seldom use them in professional settings.

Note: No filter, whether browser- or ISP-based, is failsafe. From proxy servers to VPNs, there are ways to slip past web filters. Additionally, users can bypass content-control filters by connecting to an uncensored device remotely.

The bottom line 

An overly aggressive filter may block bona fide websites from time to time, making it a struggle to find that perfect balance. However, the fact remains that a wide range of cultures and contexts complicate selective blocking. 

There will always be false positives, as filters are less likely to be all-inclusive.

Featured Resources

2022 State of the multi-cloud report

What are the biggest multi-cloud motivations for decision-makers, and what are the leading challenges

Free Download

The Total Economic Impact™ of IBM robotic process automation

Cost savings and business benefits enabled by robotic process automation

Free Download

Multi-cloud data integration for data leaders

A holistic data-fabric approach to multi-cloud integration

Free Download

MLOps and trustworthy AI for data leaders

A data fabric approach to MLOps and trustworthy AI

Free Download

Recommended

Getting board-level buy-in for security strategy
Whitepaper

Getting board-level buy-in for security strategy

30 Nov 2022
Best free malware removal tools 2022
Security

Best free malware removal tools 2022

28 Nov 2022
What is HTTP error 400 and how do you fix it?
Network & Internet

What is HTTP error 400 and how do you fix it?

23 Nov 2022
2022 IBM's Security X-Force cloud threat landscape report
Whitepaper

2022 IBM's Security X-Force cloud threat landscape report

22 Nov 2022

Most Popular

Empowering employees to truly work anywhere
Sponsored

Empowering employees to truly work anywhere

22 Nov 2022
Salesforce co-CEO Bret Taylor resigns with cryptic parting message
Business operations

Salesforce co-CEO Bret Taylor resigns with cryptic parting message

1 Dec 2022
The top 12 password-cracking techniques used by hackers
Security

The top 12 password-cracking techniques used by hackers

14 Nov 2022