Aug 8 2012

My (ever growing) ban-list

Just like any other WordPress installation out there, is subjected to constant hacking attempts. People try to gain access to the server in order to modify the blog contents and serve spam, exploits, ads on my behalf. I have two security measures in place:

  • Limit Login Attempts: this plugin allows you to configure how WordPress is going to react to wrong username/password combinations. I have it setup so that even one wrong username/password combination will get your IP blocked from logging in again for 24 hours. As I’m the only person using the system and have a password manager to remember the password, I should never run into a situation where I hit this road block. And even if I do, I have access to the database and can lift the limit.
  • WP-Ban: using this plugin I can define a set of IP-addresses or address-ranges to block certain sites from ever visiting me again. If one of the banned sites attempts to access kahunaburger, they receive a friendly page that tells them to go away. Every week or so I take all the IP-addresses collected from the plugin above and add them to the ban-list.

It’s become a lot more quiet since I started using the two utilities above. And in case you’re interested, here’s my current ban-list as of today (most of them are open proxies):

2 Responses to “My (ever growing) ban-list”

Leave a Reply