blocklist-ipsets
nginx-ultimate-bad-bot-blocker
Our great sponsors
blocklist-ipsets | nginx-ultimate-bad-bot-blocker | |
---|---|---|
39 | 11 | |
2,910 | 3,620 | |
3.0% | - | |
2.8 | 9.8 | |
about 19 hours ago | 4 days ago | |
Shell | Shell | |
- | GNU General Public License v3.0 or later |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
blocklist-ipsets
- IPlist of bots/malicious actors
-
A good malware/threat filtering choice on OPNSense
Yes, unfortunately i think this also happened other times with Firehol L3 (you can see https://github.com/firehol/blocklist-ipsets/issues/188) but thanks for the lists advice.
-
Creating a cyber threat intelligence tool
It sounds like you want to jump into game development before learning how to write "Hello, world!". Try using any of the open source tools that already do this and sign up for some "free" threat intel tools and learn the lay of the land. https://www.misp-project.org/ https://github.com/OpenCTI-Platform/opencti https://iplists.firehol.org/ https://www.greynoise.io/
-
Did anyone notice an abnormal increase in banned clients? These are my daily fail2ban ban count
I believe you are running SSH over default port 22 - feel free to change that. You can also use iplists from FireHOL to block any connection from blacklisted (on way or another) IPs - https://iplists.firehol.org/
-
blocklist-ipsets VS Lists - a user suggested alternative
2 projects | 19 Jan 2023
-
Show HN: A Golang package and tool to detect Tor exit IP addresses
Tor exits are tracked here [1] and in a few other block-list repos. The data is built from Tor's exit node list [2]
-
Ask HN: Someone is proxy-mirroring my website, can I do anything?
http://iplists.firehol.org/ looks free and very comprehensive. It has whole bunch of sub-lists of IPs that are likely to be sources of abuse, including datacenters and VPNs, and it gets updated frequently. Github: https://github.com/firehol/firehol
-
UFW setup for decent security
Sure, few links for when you dig in: http://iplists.firehol.org/, https://crowdsec.net/, https://www.zeroflux.org/projects/knock/, https://www.cipherdyne.org/fwknop/
-
Anyone have to block Russia on their firewall today?
Geoblocking is ancient and ineffective. Firehol keeps updated lists of bad ips https://iplists.firehol.org/
-
A distributed peer to peer list of bad actor IP addresses and phone numbers
Off-Topic question: Is there an existing static file that contains all the attacking IP's from a 3 or 6 month period that spawned the creation of this system? I would like to compare it to what is in firehol's repo. [1] Not trying to downplay anything, just looking to see the delta of the outliers.
nginx-ultimate-bad-bot-blocker
-
Bad Bots Account for 73% of Internet Traffic: Analysis
I manage a network of several hundred websites. About 2 years ago we started blocking bot/crawler user-agents. Some websites see thousands of these requests every day, skewing analytics and eating bandwidth.
Tools like this help: https://github.com/mitchellkrogza/nginx-ultimate-bad-bot-blo...
-
Are there any solid and straightforward guides on Installing Nextcloud with NGINX & PHP8.1? I could really use a hand, I've been at this for 2 days now.
the subdomain example nginx config from NextCloud with a few changes like TLSv1.3 only, geoblocking and some bot blocking from here and a few other security tweaks. The nginx file is basically a server block as an include separate from the main nginx.conf. The configuration gets an A+ in security from NextCloud's checker and others.
-
Ask HN: Any way to ban GPT-4 and others from harvesting my content and data?
Use nginx anti-bot[1] or product such as Fastly or Cloudflare anti-bot feature, which blocks content scrapping and only allows specific bots using rules or AI. Another option is to block VPN, cloud and hosting companies' ASNs. There is no benefit for you allowing someone to scrap your content apart from Bing and Google. The rest of the bots can die, or you will lose your content to scrappers. So finally, put it behind a paywall if possible. Of course, the paywall only works if you have good content or buying ads to promote it. Good luck, mate.
[1]https://github.com/mitchellkrogza/nginx-ultimate-bad-bot-blo...
-
Videolan.org Robots.txt
I used the ultimate Nginx bad bot blocker on a couple of my side projects, and it is a pretty good project https://github.com/mitchellkrogza/nginx-ultimate-bad-bot-blo... . Apart from the Cloudflare offers UA blocking and AI driven bot management too. Most of these bots are for content scrapping and then creating search spam results. I am a one-person show, and it hurts both financial and resources wise on severs. So I block them.
-
Google Drive may restrict files identified as violating ToS
Same experience here, one spammer DOSing my site, always with similar patterns. I'm already behind Cloudflare and use https://github.com/mitchellkrogza/nginx-ultimate-bad-bot-blo... but I still have to identify and block them manually, which is annoying and a waste of time. Some IP-range blocks affected users so it's not fine grained enough. I wish I could identify, expose and sue them into oblivion.
What are some alternatives?
firehol - A firewall for humans...
crowdsec - CrowdSec - the open-source and participative security solution offering crowdsourced protection against malicious IPs and access to the most advanced real-world CTI.
my-pihole-blocklists - Create custom pi-hole blocklists
ipsum - Daily feed of bad IPs (with blacklist hit scores)
Horus-Eye - Just Simple Code To Play With Android Payloads (;
Ultimate.Hosts.Blacklist - The Ultimate Unified Hosts file for protecting your network, computer, smartphones and Wi-Fi devices against millions of bad web sites. Protect your children and family from gaining access to bad web sites and protect your devices and pc from being infected with Malware or Ransomware.
block - Let's make an annoyance free, better open internet, altogether!
spamscanner - Spam Scanner is a Node.js anti-spam, email filtering, and phishing prevention tool and service. Built for @ladjs, @forwardemail, @cabinjs, @breejs, and @lassjs.
geoip-blocking-w-firewalld - Block unwanted countries IPv4 & IPv6 ranges with firewalld using ipdeny.com
opencti - Open Cyber Threat Intelligence Platform
spam-words - List of spam words in different languages