**Whitelist (or "allowlist") a device by adding its unique identifier, such as its MAC address, IP address, or digital certificate, to a list of approved devices on a network or application.
This prevents unauthorized devices from gaining access. The exact procedure varies depending on the system, but the core process involves identifying the device and configuring your network or software to trust it.**
Whitelisting a device on a Wi-Fi router
This is the most common method for home users to control which devices can connect to their network.
- Find the device's MAC address: A MAC address is a unique identifier assigned to a network interface card (NIC).
  - On Windows: Open the Command Prompt and type `ipconfig /all`. The MAC address is listed as the "Physical Address".
  - On macOS: Go to System Settings > Network > Wi-Fi > Advanced. The MAC address is labeled as "Wi-Fi Address" or "Hardware Address".
  - On iPhone/iPad: Go to Settings > General > About and look for "Wi-Fi Address".
  - On Android: Go to Settings > About Phone > Status and look for "Wi-Fi MAC address".
- Access your router's admin panel: Open a web browser and type your router's IP address (e.g., `192.168.1.1` or `192.168.0.1`) into the address bar. Your router's manual or a sticker on the device usually provides the correct address and default login credentials.
- Find the MAC filtering settings: Look for a section like "Wireless MAC Address Control," "MAC Filtering," or "Access Control," typically under "Wireless" or "Security" settings.
- Enable and configure the whitelist:
  - Enable MAC filtering and set the filtering mode to "Allow" or "Whitelist".
  - Add each MAC address you collected into the list of allowed devices.
  - Save your changes. The router may need to reboot to apply the new settings.
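The addresses collected in the first step arrive in different notations (Windows prints hyphens and upper case, other systems use colons), and phones may join a network with a randomized address rather than the hardware one. The following added example, which is not part of the original page, normalizes a collected inventory before it is typed into the router and flags entries that need a second look. The function names and the sample inventory are assumptions made for illustration.

```python
import re

def normalize_mac(raw):
    """Return a MAC as lower-case, colon-separated octets; raise ValueError if malformed."""
    digits = re.sub(r"[:.\-\s]", "", raw).lower()
    if not re.fullmatch(r"[0-9a-f]{12}", digits):
        raise ValueError(f"not a MAC address: {raw!r}")
    return ":".join(digits[i:i + 2] for i in range(0, 12, 2))

def is_locally_administered(mac):
    """True when bit 0x02 of the first octet is set, as in randomized 'private' addresses."""
    return bool(int(mac[:2], 16) & 0x02)

def build_allowlist(entries):
    """entries: (label, raw_mac) pairs. Returns ({mac: label}, [warnings])."""
    allow, warnings = {}, []
    for label, raw in entries:
        try:
            mac = normalize_mac(raw)
        except ValueError as exc:
            warnings.append(f"{label}: {exc}")
            continue
        if mac in allow:
            warnings.append(f"{label}: duplicate of {allow[mac]}")
            continue
        if is_locally_administered(mac):
            # The router sees the address the device actually uses on this network,
            # which may differ from the hardware address shown in device settings.
            warnings.append(f"{label}: {mac} is locally administered (may be randomized)")
        allow[mac] = label
    return allow, warnings

# Constructed sample inventory (labels and addresses are made up for illustration).
SAMPLE = [
    ("laptop-windows", "00-1A-2B-3C-4D-5E"),   # Windows "Physical Address" style
    ("macbook", "a4:83:e7:12:34:56"),
    ("laptop-again", "00:1a:2b:3c:4d:5e"),     # same device, entered twice
    ("phone", "DA:A1:19:00:11:22"),            # locally administered bit set
    ("typo", "00:1A:2B:3C:4D"),                # one octet missing
]

if __name__ == "__main__":
    allow, warnings = build_allowlist(SAMPLE)
    for mac, label in allow.items():
        print(mac, label)
    for w in warnings:
        print("WARNING:", w)
```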
Whitelisting an IP address
This method is used in enterprise settings or for specific applications to restrict access to trusted IP addresses.
On a router firewall:
- Log in to your router's administration panel.
- Navigate to the Firewall or Access Control settings.
- Add the trusted IP addresses or ranges to the whitelist.
In Windows Defender Firewall:
- Press the Win + R keys, type `wf.msc`, and press Enter.
- Click Inbound Rules in the left pane, then click New Rule.
- Choose Custom for the rule type.
- In the "Scope" tab, select These IP addresses and add the trusted IP addresses.
- Select "Allow the connection" and save the rule.
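Both procedures above come down to the same decision: a source address is allowed only if it falls inside a listed address or range, and everything else is refused. The following added example, which is not code from any router or from Windows, models that evaluation and vets the list itself for entry mistakes and overly broad ranges. The prefix-length limits and the sample entries are assumptions chosen for illustration.

```python
import ipaddress

# Assumed policy: refuse ranges broader than a /24 (IPv4) or a /64 (IPv6).
MIN_PREFIX = {4: 24, 6: 64}

def parse_allowlist(entries):
    """Parse addresses and CIDR ranges. Returns (networks, [(entry, reason)])."""
    networks, rejected = [], []
    for entry in entries:
        try:
            # strict=True rejects entries such as 192.168.1.10/24, where a host
            # address was combined with a network mask by mistake.
            net = ipaddress.ip_network(entry.strip(), strict=True)
        except ValueError as exc:
            rejected.append((entry, str(exc)))
            continue
        if net.prefixlen < MIN_PREFIX[net.version]:
            rejected.append((entry, f"range too broad (/{net.prefixlen})"))
            continue
        networks.append(net)
    return networks, rejected

def is_allowed(source, networks):
    """Deny by default: True only if source parses and lies inside a listed network."""
    try:
        addr = ipaddress.ip_address(source)
    except ValueError:
        return False
    return any(addr.version == net.version and addr in net for net in networks)

# Constructed sample entries (documentation address ranges, not real hosts).
ENTRIES = [
    "203.0.113.7",        # single trusted host
    "198.51.100.0/28",    # small trusted range
    "192.168.1.10/24",    # entry mistake: host bits set
    "0.0.0.0/0",          # would allow every IPv4 address
    "2001:db8::/64",      # IPv6 range
]

if __name__ == "__main__":
    nets, rejected = parse_allowlist(ENTRIES)
    for entry, reason in rejected:
        print("rejected:", entry, "-", reason)
    for src in ("203.0.113.7", "198.51.100.14", "198.51.100.16", "2001:db8::1"):
        print(src, "allow" if is_allowed(src, nets) else "deny")
```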
Whitelisting an app on a device
This is a security practice that allows only pre-approved software to run.
On Android using Mobile Device Management (MDM):
- For managed devices: Companies can use an MDM platform like Codeproof or AirDroid to remotely enforce app whitelisting policies.
- For personal devices: You can use third-party apps like personalDNSfilter to whitelist specific domains or leverage parental controls, which often include app-blocking features.
On iOS using Screen Time:
- Go to Settings > Screen Time > Content & Privacy Restrictions.
- Under Allowed Apps, you can enable or disable built-in apps.
- For web-based content, go to Content Restrictions > Web Content and choose Allowed Websites Only to create a custom whitelist of websites.
On Windows using AppLocker:
- Note: AppLocker is available in Pro and Enterprise editions of Windows.
- Open the Local Security Policy editor by searching for `secpol.msc`.
- Navigate to Application Control Policies > AppLocker.
- Right-click on the rule type (e.g., Executable Rules) and create a new rule to define which apps are allowed to run.
Whitelisting a USB device
This is a critical security measure for organizations to prevent unauthorized data transfer and malware injection.
- Use Device Control Software: Many endpoint protection solutions offer USB device whitelisting capabilities.
- Define Criteria: Create a list of approved devices based on make, model, or unique hardware identifiers.
- Add to the whitelist: Configure the device control software to add your list of authorized USBs. Only devices on this list will be allowed to function when plugged in.
Why whitelisting is a strong security measure
Whitelisting provides a higher level of security than blacklisting (which blocks known threats) because it operates on the principle of "deny by default".
- Reduces malware risk: It stops unknown or unapproved programs from running, preventing new malware and ransomware from executing.
- Prevents shadow IT: It ensures that only sanctioned software is installed on corporate devices, improving compliance and control.
- Enhances network control: It limits access to network resources to only trusted devices and users, reducing the attack surface.
- Mitigates phishing threats: Email whitelisting ensures that messages from trusted senders reach your inbox, bypassing spam filters.
Best practices and considerations
- Start with a clear policy: Before implementation, define what needs to be whitelisted and why.
- Test thoroughly: Test your whitelisting policies in a controlled environment to ensure they don't break critical functions.
- Regularly review and update: An outdated whitelist can be a security risk. Regularly add or remove devices and applications as business needs change.
- Communicate with users: Inform employees of the new security policies to manage expectations and ensure compliance.