diff --git a/lib/rack/attack.rb b/lib/rack/attack.rb
index c1f9528..0265f4b 100644
--- a/lib/rack/attack.rb
+++ b/lib/rack/attack.rb
@@ -40,7 +40,7 @@ module Rack::Attack
 # Set defaults
 @notifier ||= ActiveSupport::Notifications if defined?(ActiveSupport::Notifications)
- @blacklisted_response ||= lambda {|env| [401, {}, ["Unauthorized\n"]] }
+ @blacklisted_response ||= lambda {|env| [403, {}, ["Unauthorized\n"]] }
 @throttled_response ||= lambda {|env|
 retry_after = env['rack.attack.match_data'][:period] rescue nil
 [429, {'Retry-After' => retry_after.to_s}, ["Retry later\n"]]
diff --git a/spec/allow2ban_spec.rb b/spec/allow2ban_spec.rb
index 569c213..c6a6836 100644
--- a/spec/allow2ban_spec.rb
+++ b/spec/allow2ban_spec.rb
@@ -83,7 +83,7 @@ describe 'Rack::Attack.Allow2Ban' do
 end
 it 'fails' do
- last_response.status.must_equal 401
+ last_response.status.must_equal 403
 end
 it 'does not increase fail count' do
@@ -103,7 +103,7 @@ describe 'Rack::Attack.Allow2Ban' do
 end
 it 'fails' do
- last_response.status.must_equal 401
+ last_response.status.must_equal 403
 end
 it 'does not increase fail count' do
diff --git a/spec/fail2ban_spec.rb b/spec/fail2ban_spec.rb
index d35755c..2a4f842 100644
--- a/spec/fail2ban_spec.rb
+++ b/spec/fail2ban_spec.rb
@@ -24,7 +24,7 @@ describe 'Rack::Attack.Fail2Ban' do
 describe 'when not at maxretry' do
 before { get '/?foo=OMGHAX', {}, 'REMOTE_ADDR' => '1.2.3.4' }
 it 'fails' do
- last_response.status.must_equal 401
+ last_response.status.must_equal 403
 end
 it 'increases fail count' do
@@ -46,7 +46,7 @@ describe 'Rack::Attack.Fail2Ban' do
 end
 it 'fails' do
- last_response.status.must_equal 401
+ last_response.status.must_equal 403
 end
 it 'increases fail count' do
@@ -83,7 +83,7 @@ describe 'Rack::Attack.Fail2Ban' do
 end
 it 'fails' do
- last_response.status.must_equal 401
+ last_response.status.must_equal 403
 end
 it 'does not increase fail count' do
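Review bot: In lib/rack/attack.rb the new `@blacklisted_response` default answers 403 but keeps the body `"Unauthorized\n"`, which is the reason phrase for the 401 it replaces, so clients and log readers get a status and a message that disagree. I would change the body together with the status: `@blacklisted_response ||= lambda {|env| [403, {}, ["Forbidden\n"]] }`. The spec hunks in this commit assert only `last_response.status`, so adding `last_response.body.must_equal "Forbidden\n"` next to one of them would pin the pairing. This also changes a default that existing deployments may match on in alerting or client handling, so it is worth a changelog line; the enclosing method begins and ends outside the hunk.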
@@ -103,7 +103,7 @@ describe 'Rack::Attack.Fail2Ban' do
 end
 it 'fails' do
- last_response.status.must_equal 401
+ last_response.status.must_equal 403
 end
 it 'does not increase fail count' do
diff --git a/spec/rack_attack_spec.rb b/spec/rack_attack_spec.rb
index 681edaf..fc13c25 100644
--- a/spec/rack_attack_spec.rb
+++ b/spec/rack_attack_spec.rb
@@ -15,7 +15,7 @@ describe 'Rack::Attack' do
 before { get '/', {}, 'REMOTE_ADDR' => @bad_ip }
 it "should return a blacklist response" do
 get '/', {}, 'REMOTE_ADDR' => @bad_ip
- last_response.status.must_equal 401
+ last_response.status.must_equal 403
 end
 it "should tag the env" do
 last_request.env['rack.attack.matched'].must_equal "ip #{@bad_ip}"