Tag: firewall

5G Blacklist 2012

Posted on January 11, 2012 in HTAccess, Security by Jeff Starr

[ 5G ] The 5G Blacklist helps reduce the number of malicious URL requests that hit your website. It’s one of many ways to improve the security of your site and protect against evil exploits, bad requests, and other nefarious garbage.

After extensive beta testing, the 5G Blacklist/Firewall is solid and ready to help secure sites hosted on Apache servers. In addition to beta testing for the 5G, this is the 5th major update of my “G”-series blacklists. Here is a quick overview of its evolution:

5G Blacklist for Microsoft IIS

Posted on November 25, 2011 in Security by Jeff Starr

By design the 5G Blacklist works on Apache servers, but thanks to Scott Stawarz, here is a version for Microsoft IIS:

Building the 5G Blacklist

Posted on September 23, 2011 in HTAccess, Security by Jeff Starr

Protecting your website is more important than ever. There are a million ways to do it, and this is one of them. In fact, it’s what I use to protect Perishable Press and other key sites. It’s called the 5G Blacklist, and it’s something I’ve been working on for a long time. The idea is simple enough: analyze bad requests and block them using a firewall/blacklist via .htaccess. Now in its 5th generation, the 5G Blacklist has evolved into a considerably solid method of keeping your site safe and secure. How does it work? I’m glad you asked..

Block Tough Proxies

Posted on July 18, 2011 in Security by Jeff Starr

If you want to block tough proxies like hidemyass.com, my previously posted .htaccess methods won’t work. Those methods will block quite a bit of proxy visits to your site, but won’t work on the stealthier proxies. Fortunately, we can use a bit of PHP to keep them out.

5G Firewall Beta

Posted on February 9, 2011 in HTAccess, Security by Jeff Starr

Update 2012/01/25 — Official release version: 5G Blacklist 2012. The beta version provided in this post is now for reference only.

Updating the 4G Blacklist, the new 5G Firewall is now open for beta testing. The new code is better than ever, providing wider protection with less code and fewer false positives. I’ve had much success with this new firewall, but more testing is needed to ensure maximum compatibility and minimal issues.

What a Malicious Server Scan Looks Like

Posted on February 8, 2011 in Security by Jeff Starr

Like most sites on the Web, Perishable Press is scanned constantly by malicious scripts looking for vulnerabilities and exploit opportunities. There is no end to the type and variety of malicious URL requests. It all depends on the script, the target, and the goal of the attack. Malicious scripts generally seek one of two things: