What is a web filter?

Computer screen displaying parental controls
(Image credit: Shutterstock)

Internet browsers do not come with filters, a problem that plagues workplaces and schools alike.

According to InsideView, Americans spend 10 work minutes a day watching soccer, which translates to a whopping $121.7 million in lost productivity. Many universities have found themselves in a similar bind, as workarounds help students circumvent firewalls, and the same is true of public libraries seeking to limit visitors’ access to social media networks.

FaceTime Communications USG530 - web filtering appliance review Bloxx unveils new TVT web filter

Malware lurking on seemingly innocuous websites is another cause for concern. In a 2020 Twitter hack that targeted Tesla CEO Elon Musk and former US presidents, among others, scammers netted $121,000 from over 400 Bitcoin transactions.

Web filters help administrators mitigate issues by blocking inappropriate sites.

Typically imposed without consent, web filtering is comparable to internet censorship. Web filtering helps enterprises identify and disable access to websites that pose a security risk or hinder employee productivity in its most basic form.

Read on to discover different types of filters, customizations, specific use cases, and more.

Web filtering methods

There are three key ways web filters determine which sites are safe and which to block. These processes are as follows.

1. Whitelists and blacklists

By and large, filters for the web rely on whitelists or blacklists.

The former includes a list of domain names, URLs, and ports an organization deems appropriate and safe for use. A whitelist is also known as an allowed list.

Blacklists or blocked lists do the opposite; they prevent users from accessing specific websites. Each site is manually entered or imported from a database that constantly updates links to potentially harmful or counterproductive websites.

2. Keyword filtering

A keyword-based filter restricts access to websites containing offensive, derogatory, or obscene words.

Even with its broad scope, a keyword filter is far from perfect. Numerous domains and accounts are denied registration due to overly restrictive filters. In addition to blocking legitimate websites, false positives can also cause social unrest.

For instance, a news site owned by the anti-LGBT American Family Association replaced every use of "gay" with "homosexual" in a 2008 article about sprinter Tyson Gay, referring to him as “Tyson Homosexual.”


Challenging the rules of security

Protecting data and simplifying IT management with Chrome OS


In April 2021, Facebook's algorithm took down the official page of French town Bitche. When Facebook learned of the error, it apologized and restored the page.

3. Category filtering

Web category filtering blocks websites based on the category of content they contain. Web filters typically censor topics such as pornography, violence, and hate. When combined with keyword filters, category filters provide greater accuracy.

Types of web filters

On top of the various filtering methods, there are several types of filters, ranging from your ISP blocking a site to a simple search engine filter.

1. Domain name system filter

Domain names are human-friendly representations of IP addresses. Despite being easy to remember, they are specific to each website. For example, the domain name of Yahoo is “yahoo.com.”

Domain name system (DNS) translates domain names into machine-readable IP addresses.

When users type a domain name into their browser, their device sends a DNS query to a DNS resolver, a webserver dedicated to handling DNS queries.

By intercepting DNS queries that precede HTTP connection requests, DNS filters block access to a domain. Essentially, a DNS filter blocks a website and its associated web pages.

This is an all-or-nothing approach, as DNS filters do not support selective blocking.

2. Internet service provider-level filter

As misinformation, clickbait, and hate speech rise, governments are compelled to enact new and ingenious control measures. One such solution is to have an internet service provider (ISP) install a limiting filter.

Content-limited ISPs restrict access to a set portion of the internet, eliminating all sites the government deems inappropriate. As guidelines are subject to change, most ISPs offer the ability to lock or unlock their services dynamically.

By and large, subscribers do not have an option to opt out of this network-level filter. ISPs also work to block malicious websites that trick users into revealing sensitive information, such as usernames, passwords, and credit card numbers.

3. Search engine filter

The internet is home to close to a billion websites, making it nearly impossible to manually bar illicit videos, images, and content from search results. There are, however, search-engine-based security layers.

Search engines, such as Google and Bing, offer a safety filter. When turned on, the safe search filter prevents explicit content, such as pornography, from appearing in search engine results pages (SERPs).

Nevertheless, safety filters cannot prevent users from navigating directly to explicit websites.

4. Browser-based filter

Browser-based filters are typically lightweight, easy-to-install extensions. Despite their limited scope, extensions remain a popular choice among users seeking fewer distractions.

A case in point is StayFocused, a productivity extension for Google Chrome. StayFocused lets you whitelist websites during a specific period, allowing you to indulge in some calculated idle browsing.

Once you reach your time limit, the blocked sites remain inaccessible for the remainder of the day. You may also block an entire website or selectively exclude subdomains.

Though they are effective, you can easily circumvent browser-based filters by switching browsers. For instance, if you block Facebook on Chrome, you can still access it through Firefox.

Considering how easy it is to bypass browser-based filters, businesses seldom use them in professional settings.

Note: No filter, whether browser- or ISP-based, is failsafe. From proxy servers to VPNs, there are ways to slip past web filters. Additionally, users can bypass content-control filters by connecting to an uncensored device remotely.

The bottom line

An overly aggressive filter may block bona fide websites from time to time, making it a struggle to find that perfect balance. However, the fact remains that a wide range of cultures and contexts complicate selective blocking.

There will always be false positives, as filters are less likely to be all-inclusive.