Blacklist

A blacklist is list of items, such as usernames or IP addresses, that are denied access to a certain system or protocol. When a blacklist is used for access control, all entities are allowed access, except those listed in the blacklist. The opposite of a blacklist is a whitelist, which denies access to all items, except those included in the list.

Blacklists have several applications in computing:

• Web servers often include a blacklist that denies access from specific IP addresses or ranges of IPs, for security purposes.
• Firewalls may use a blacklist to deny access to individual users, systems located in certain regions, or computers with IPs within a certain subnet mask.
• Spam filters often include blacklists that reject certain e-mail addresses and specific message content.
• Programmers may implement blacklists within programs to prevent certain objects from being modified.

Since blacklists deny access to specific entities, they are best used when a limited number of items need to be denied access. When most entities need to be denied access, a whitelist approach is more efficient.