Download Access to Premium Blacklist

  • Resolved consultant1027

    (@consultant1027)


    4 years, 5 months ago

    We run Configserver Firewall on our server. We use some of the common block lists published out there to block hack attempt traffic at the server network layer level so it doesn’t even reach any of our WordPress sites and thereby cause any load from the Workdpress Plugin PHP Scripts (including Wordfence) from even being executed.

    It would seem to me that if you are a user that has paid for Premium to get the blacklist, it should would be beneficial to be given an API key or something to include in a URL that downloads the current list of IP addresses in the blacklist so it can be added and the server firewall level instead of having to have Wordfence keep running and blocking the http request every time an access attempt to WordPress is made from offending IP address.

Viewing 3 replies - 1 through 3 (of 3 total)
  • Plugin Support wfpeter

    (@wfpeter)

    Hi @jajabings2403, thanks for your query and providing a practical reason for wanting to export the blacklist.

    Unfortunately we cannot provide this functionality. Due to the sensitive nature of the data, we use a hashing algorithm to protect the addresses of these IPs. Many of the attacking IP addresses are infected machines that have vulnerabilities themselves that can be exploited. If we distribute the real-time blacklist, this may provide other attackers with a list of target machines they can compromise.

    For that reason, we have chosen to keep the list confidential. When your WordPress site is attacked by one of these IP addresses, Wordfence uses a hash prefix list to recognize a possible attack. We then confirm the attack by performing a lookup on our servers. If we confirm this is a malicious IP on our blacklist, the IP is blocked, and the block is cached.

    You are probably already aware (hence this request), but our currently exportable data is listed at: https://www.wordfence.com/help/tools/import-export/

    Thanks,

    Peter.

    jajoho

    (@jajabings2403)

    Hi Peter, it seems that you tagged me in this. Im am not related to this post. Thanks, Jatayu

    Plugin Support wfpeter

    (@wfpeter)

    Ah, I apologise! That’s a new one for me, sorry for any inconvenience.

    @consultant1027, please refer to my original response above.

    Thanks again,

    Peter.

Viewing 3 replies - 1 through 3 (of 3 total)
  • The topic ‘Download Access to Premium Blacklist’ is closed to new replies.