Spring Sale! Save 30% on all books w/ code: PLANET24
Web Dev + WordPress + Security

Series Summary: Building the 3G Blacklist

[ 3G Stormtrooper ]

In the now-complete series, Building the 3G Blacklist, I share insights and discoveries concerning website security and protection against malicious attacks. Each article in the series focuses on unique blacklist strategies designed to protect sites transparently, effectively, and efficiently. The five articles culminate in the release of the next generation 3G Blacklist.

Here is a quick summary of the entire Building the 3G Blacklist series:

Building the 3G Blacklist, Part 1
Improving Site Security by Recognizing and Exploiting Server Attack Patterns: In this first article of the series, I examine the process of identifying attack patterns and trends and using them to immunize against future attacks.
Building the 3G Blacklist, Part 2
Improving Site Security by Preventing Malicious Query-String Exploits: In this second article, I present an incredibly powerful method for eliminating malicious query string attacks.
Building the 3G Blacklist, Part 3
Improving Site Security by Selectively Blocking Rogue User Agents: In this third article, I discuss targeted, user-agent blacklisting and present an alternate approach to preventing site access for the most prevalent and malicious user agents. Subsequent articles will focus on key blacklist strategies designed to protect your site transparently, effectively, and efficiently.
Building the 3G Blacklist, Part 4
Improving the RedirectMatch Directives of the Original 2G Blacklist: In this fourth article, I build upon the ideas and techniques presented previously in the series by improving the directives contained in the original, 2G Blacklist.
Building the 3G Blacklist, Part 5
Improving Site Security by Selectively Blocking Individual IPs: In this fifth and final article of the series, I provide the final key to our comprehensive blacklist strategy: selectively blocking individual IPs.
Perishable Press 3G Blacklist
The 3G Blacklist is an extremely effective security strategy for preventing a vast majority of common exploits. The list consists of four distinct parts, providing multiple layers of protection while synergizing into a comprehensive defense mechanism. Further, the 3G Blacklist is designed to be as lightweight and flexible as possible, thereby facilitating periodic cultivation and maintenance.

And of course, the following articles are also involved with the series:

I hope you find the information useful for improving the security of your website. As always, thanks for reading! :)

About the Author
Jeff Starr = Web Developer. Security Specialist. WordPress Buff.
Blackhole Pro: Trap bad bots in a virtual black hole.

4 responses to “Series Summary: Building the 3G Blacklist”

  1. Interesting series, thank you !

    I was just wondering how this would fit into your scheme of things :

    http://www.0x000000.com/index.php?i=567

  2. Perishable 2008/05/25 2:52 pm

    Hi Peter, thanks for the feedback. That tutorial looks pretty sweet! I haven’t tried the entire method, but many similar directives are currently in effect here at Perishable Press, through either the 3G Blacklist or otherwise. Some great stuff! Thanks for sharing :)

  3. Alissa Miller 2008/05/30 9:51 am

    I recently encountered a conflict with one of the 3G rules and the WordPress plugin WP Super Cache. The particular 3G rule is the following rules:

    RedirectMatch 403 //

    I was able to figure out how to fix it, but the explanation is far too long for a comment. You can view it here: 404 link removed.

  4. Perishable 2008/05/31 1:46 pm

    Thanks for sharing this information with us, Alissa. Your article is excellent and provides an elegant and practical solution for resolving the Super-Cache/3G conflict. If anyone else is experiencing 403 errors while using the 3G Blacklist with the WordPress Super Cache plugin, read this post for a clean fix ;)
    Cheers!

Comments are closed for this post. Something to add? Let me know.
Welcome
Perishable Press is operated by Jeff Starr, a professional web developer and book author with two decades of experience. Here you will find posts about web development, WordPress, security, and more »
.htaccess made easy: Improve site performance and security.
Thoughts
I live right next door to the absolute loudest car in town. And the owner loves to drive it.
8G Firewall now out of beta testing, ready for use on production sites.
It's all about that ad revenue baby.
Note to self: encrypting 500 GB of data on my iMac takes around 8 hours.
Getting back into things after a bit of a break. Currently 7° F outside. Chillz.
2024 is going to make 2020 look like a vacation. Prepare accordingly.
First snow of the year :)
Newsletter
Get news, updates, deals & tips via email.
Email kept private. Easy unsubscribe anytime.