WordPress.org

Ready to get started?Download WordPress

Forums

BulletProof Security
[resolved] Block IPs (6 posts)

  1. Matt
    Member
    Posted 2 years ago #

    Are there any plans to add a "block IP/domain" tab? Or should we just do specific blocking as custom .htaccess?

    http://wordpress.org/extend/plugins/bulletproof-security/

  2. AITpro
    Member
    Plugin Author

    Posted 2 years ago #

    I am not a fan of trying to block IP's and hostnames on a long term basis because IP addresses and hostnames are very easily spoofed. Login protection based on IP and hostnames is different and very important so I don't want to send the wrong message here.

    I have a very large collection of hacker scripts and delivery systems that i use for research.
    It is very easy to code an automated IP address / hostname changer based on Time and the more advanced hacker scripts already have this. ie change my IP address and/or hostname every X seconds. ie If my IP address / hostname is banned change my IP/hostname.

    The difference with using bans in login protection plugins is that you are causing the Brute Force Password Cracking script to only get X amount of attempts before being banned. The script then has to "restart" itself and this is an inconvenience that will usually cause a hacker bot to go elsewhere for easier targets.

    So my answer is no i will never be adding any long term IP / hostname banning to BPS because I am instead focusing on an "action" approach to website security.

    X does this bad action and Y is the result = Forbidden

    No matter what their IP address or hostname is the action will not be allowed.

  3. Matt
    Member
    Posted 2 years ago #

    I get it; just thought I'd check. I have about 5 IPs that repeatedly try to create accounts on my WordPress/Buddypress site which was the only reason I asked. I'll block those IPs elsewhere, but understand that it won't be part of the plugin due to the issues you mentioned.

  4. AITpro
    Member
    Plugin Author

    Posted 2 years ago #

    Well if you have repeat offenders then just add them to BPS Custom Code. You would add this custom .htaccess code to CUSTOM CODE BOTTOM: Add miscellaneous custom .htaccess code here text box, click the AutoMagic button for the secure.htaccess file and then activate BulletProof Mode for your Root folder again.

    # Block Repeat Offenders by IP and Hostname
    <Files *>
    Order Allow,Deny
    Allow from all
    Deny from 10.1.3.0/24
    Deny from hidemyass.com
    deny from proxy.com
    deny from anonymouse.com
    deny from proxify.com
    </Files>
  5. ThorHammer
    Member
    Posted 1 year ago #

    And when I do so, the plugin styling disappear and I get a 500 and has to go to the root and delete the .htaccess....

  6. AITpro
    Member
    Plugin Author

    Posted 1 year ago #

    @ThorHammer - then your particular Host does not allow all or part of that .htaccess code or there is an invalid entry or typo in the code. I have noticed that on some Hosts you cannot use a range/CIDR - 10.1.3.0/24 - but all hosts do allow blocking by subnet - Examples: 10.1. or 10.1.3.

    You can use the existing wp-comments-post.php htaccess code and add additional FilesMatch conditions like this. by adding .php and .js you are saying block access to all php and js files to the IP addresses listed as Deny from.

    <FilesMatch "^(wp-comments-post\.php|\.php|\.js)">
    Order Allow,Deny
    Deny from 46.119.35.
    Deny from 46.119.45.
    Deny from 91.236.74.
    Deny from 93.182.147.
    Deny from 93.182.187.
    Deny from 94.27.72.
    Deny from 94.27.75.
    Deny from 94.27.76.
    Deny from 193.105.210.
    Deny from 195.43.128.
    Deny from 198.144.105.
    Deny from 199.15.234.
    Allow from all
    </FilesMatch>

Topic Closed

This topic has been closed to new replies.

About this Plugin

About this Topic