Working with Whitelist and Blacklist

Working with Whitelist and Blacklist

At times, it may be helpful to fully block or allow a domain based on your desired outcome. The White/Black List tab allows you to create and manage custom block and allow lists. You can associate these lists with all policies (global) or assign them to a specific policy if you want to apply them to certain sites or networks.



Create List

To create a list, select "NEW W/B LIST" from the top right of the Custom Lists page. You can name the list and add a description to clarify its purpose. If you want this list to apply to all policies across all sites, select "Global."

Keep in mind that whitelist entries override blacklist entries. Therefore, Global whitelist entries will take precedence over both local and global blacklist entries. You can designate multiple lists as Global.



Edit List

A list can be used to specifically allow, block, or both depending on desired result. Simply select the Allow tab to add whitelisted entries and the Block tab to add blacklisted entries. 

You can enter any domain for fully qualified domain with syntax as followed:

aol.com                       (This will affect the domain only and ignore sub-domains)
*.aol.com                  (This will affect the host/sub-domain only and ignore the domain)

We do not allow HTTP or URLs as only domain-based entries can be processed.

Further Examples:
Blacklisting *.yahoo.com would block news.yahoo.com but allow yahoo.com.
Blacklisting yahoo.com will block yahoo.com but allow mail.yahoo.com.

In order to fully block or allow a domain/website, it is best to create two entries:
yahoo.com
*.yahoo.com





Order of White/Black List Rules

Below is the processing order within the system to help you better understand how rules are applied. In short, whitelists override blacklists, and global lists take override all. The entry types are listed in order of priority:

  1. Global Whitelist
  2. Global Blacklist
  3. Standard Whitelist
  4. Standard Blacklist


Apply White/Black List to Policy

Global lists do not need to be applied to a policy, as they automatically apply across your entire account. If you want to assign a list to a specific policy for use at particular sites or networks, you can do so from the Policy tab.

To assign a list to a custom policy:

  1. Navigate to the Policy tab.

  2. Select the custom policy to which you want to apply the list.

Note: White/Black lists cannot be assigned to default policies.





Now select "Edit Policy" at upper right corner. Here you can select the "White/Black List" field and choose any number of custom lists you wish to apply to the current policy. Global lists do not need to be selected. Now, simply save the policy and your White/Black list settings will be applied to all networks with the selected policy.









    • Related Articles

    • Safe Search Supported Search Engines

      When activating Forced Safe Search in Policy, ScoutDNS forwards all requests for supported search engines to their restricted search domains. Only search engines that support domain-based restriction controls can be included. Safe Search will disable ...
    • Organizations - Configuration and Management of Multi-Tenant Use

      ScoutDNS provides two levels of tenancy. The primary inherent level allows any operator to be a member of any number of accounts and have different roles depending on each account's settings. The second level, enabled through the Organizations tab, ...
    • Roaming Clients / Device Agents - Setup, Configure, and Manage

      ScoutDNS provides device agents for organizations that wish to protect devices with DNS-layer security both on and off the network. The ScoutDNS device agent is an extremely lightweight application, best installed on managed devices where ...
    • Safe Search Explained

      ScoutDNS supports Safe Search settings to enhance web browsing safety on search engines. This feature helps block certain search terms entirely and removes inappropriate search results, including those from image and video tabs. Bing Safe Mode Since ...
    • Configurable Objects and Their Associations

      ScoutDNS is designed with an object-based configuration model to simplify management and large-scale deployment. In this article, we will explore the various configurable objects and their associations. Allow/Block List Allow/Block List Description ...
    • Popular Articles

    • Working with Whitelist and Blacklist

      At times, it may be helpful to fully block or allow a domain based on your desired outcome. The White/Black List tab allows you to create and manage custom block and allow lists. You can associate these lists with all policies (global) or assign them ...
    • Quick Start Setup Guide - WAN Forwarding

      There are three methods you can use to protect your networks and users with ScoutDNS: 1) WAN Forwarding – This method involves configuring ScoutDNS with your WAN IP address and forwarding DNS queries from inside your network to our anycast resolver ...
    • Content Categories

      Below is a list of Content Categories and their descriptions. Adult Abortions These are sites that present arguments either in favor of or against abortion. This includes information on abortion procedures, sites that offer assistance in obtaining ...
    • Mixing DNS Providers

      It is generally not recommended to mix DNS providers. Most routers and systems randomly select which DNS server receives each packet, which can lead to issues with filtering and reporting due to mixed rules in the system cache. To avoid these ...
    • Dynamic IP Setup

      ScoutDNS supports dynamic DNS IP address integration with most dynamic DNS providers. Popular Dynamic DNS solutions include: No-IP ChangeIP DynDNS FreeDNS Once you have an account with one of these or a similar solution, you can configure ScoutDNS to ...
    • Recent Articles

    • Applications Categories - Zero Trust App Management

      The ScoutDNS Application Policy sub-tab lets you block whole groups of web applications while still allowing specific apps through an allow list. It covers tens of thousands of domains and supports a zero-trust security approach. For example, you can ...
    • Configure Entra ID based Policies

      ScoutDNS supports policy enforcement by user groups synced from Entra ID (formerly Azure AD). This is useful when admins want policy decisions to follow the user regardless of the device or device profile in use. This guide explains how ScoutDNS ...
    • Setup and Use Guide for MSPs

      ScoutDNS is built for Managed Service Providers (MSPs) to deliver robust DNS protection to their customers and end users. Setup is straightforward, thanks to our object-based configuration approach. Here is a brief outline of what this guide covers. ...
    • Configure AD (Active Directory) Policies

      ScoutDNS supports policy enforcement by user groups synced from Active Directory. This is useful when admins want policy decisions to follow the user regardless of the device or device profile in use. This guide explains how ScoutDNS syncs with ...
    • Configurable Objects and Their Associations

      ScoutDNS is designed with an object-based configuration model to simplify management and large-scale deployment. In this article, we will explore the various configurable objects and their associations. Allow/Block List Allow/Block List Description ...