Every day I was deploying new bots that logged into websites, scraped their data and dumped it all in my local database. The end result of those months of research was the creation of JTC Anti-Spam|Anti-Hacker, which is 100% effective at blocking automated hackerbots and spambots because it uses a “bad action” approach to blocking badbots instead of blocking by IP addresses.Ĭomments made by other people around the Internet that have discovered or know that blocking by IP addresses is a completely ineffective method and a waste of time.īefore becoming a co-founder of Distil Networks, my background was in writing bots that scraped web pages. We spent months researching blocking by IP addresses a few years ago: We found that blocking by IP addresses was completely ineffective and a waste of time. Your IP address is known and can be whitelisted with very little code and effort vs trying to block|blacklist millions of unknown IP addresses. The same principle should always be used anywhere else. Example: The BPS Pro Plugin Firewall whitelists (allows) only your IP address to access any plugin files in the WordPress /plugins/ folder. The optimum approach|method when dealing with IP addresses is whitelisting vs blacklisting. Since the Security Log entry shows that the bot was already blocked then you can add additional Bonus Custom Code to BPS Custom Code, but usually using/turning on JTC is all you need to do. By blocking the bad action itself there is no need to check or block by IP addresses.īPS Pro has JTC Anti-Spam|Anti-Hacker, which blocks 100% of all bots. Example: If badbot X performs bad action Y on/at your website then bad action Y is blocked. ![]() In general, BPS uses a “bad action” approach to blocking hackerbots and spambots. So even automating IP blocking is a waste of time. If you block an IP address or a range of IP addresses (CIDR blocks) then the hacker/spammer payload delivery system automatically switches to different IP addresses/IP address ranges. The reason blocking IP addresses is not effective is because hacker/spammer payload delivery systems that send out hackerbots/spambots have the automated capability of switching IP addresses on the fly. It is time consuming, not really effective and will cause excessive server resource usage and slow down your website performance if you have large numbers of blocked IP addresses, such as blocking by Country. ![]() Solution: N/A - Hacker/Spammer Blocked/Forbiddenīlocking by IP addresses is the worst possible approach you can do. How can I configure BPS to automatically block the IP of the attacker? Įvent Code: BFHS - Blocked/Forbidden Hacker or Spammer Could there be a conflict between BPS Pro and Wordfence that prevents the blocking of the IP by BPS Pro? I have enabled login security after 10 failed attempts and it seems that the above attempt is a login attempt. ![]() I have also Wordfence installed and perform the blocking of IPs there. I have to manually block the IP and one of them has more than 30.000 blocked accesses. Unfortunately the IP is not blocked (there are a few others as well). This is a sample entry from the security log: Since two weeks I face heavy attacks on one of my blogs.
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |