8G Firewall

♦ Posted by Jeff Starr in .htaccess, Security

Updated November 3, 2024 • 132 comments

After more than a year of beta testing, 8G Firewall is ready for use on production sites. So you can benefit from the powerful protection provided by the latest evolution of the nG Firewall (aka nG Blacklist). The 8G Firewall offers lightweight, server-level protection against a wide range of malicious requests, bad bots, automated attacks, spam, and many other types of threats and nonsense. 8G is a lightweight (only 17KB) strong firewall that provides site security and peace of mind. Plus, 8G is open source and 100% free for everyone :)

Update: 8G Firewall is out of beta as of version 1.3, now available for download. A huge thank you to all beta testers :)

Update: 8G has been forked for both Nginx and Apache by Tonkünstler-on-the-Bund. The Apache fork uses SetEnvIf instead of mod_rewrite. Learn more and download at GitHub.

About 8G Firewall
Reporting Bugs
Download 8G Firewall
License & Disclaimer
Show Support
8G Notes

About 8G Firewall

The 8G Firewall is a carefully crafted set of security rules for Apache and Nginx servers. It can be applied via your site’s public root .htaccess file, or added via server configuration. Once added, 8G provides powerful server-level protection against a wide range of malicious requests, bad bots, automated attacks, spam, and many other types of threats and nonsense. It’s a lightweight (only 17KB) strong firewall that improves site security and peace of mind.

8G Firewall builds on 7G, optimizing scope with performance while minimizing false positives. Learn more about nG-series firewall, including 8G and all the details:

Official nG homepage »

Support 8G Firewall: Donate via PayPal or your favorite digital coin »

Reporting Bugs

As of version 1.3, 8G is out of beta and ready for production sites. Any bugs (false positives) may be reported via my contact form. Or if you have any questions or non-bug-related feedback, you are welcome to leave a comment on this post. Thank you :)

nG Logging: Just FYI, 7G and 8G Firewall support logging of each request, matching patterns, and more. Learn how to enable logging with nG Firewall.

Download 8G Firewall

By downloading 8G, you agree to the terms set forth in the License and Disclaimer. You will find copy of the 8G changelog included in the zip download file. Check out the nG homepage for install steps and complete information.

Download 8G FirewallVersion 1.3 ( 7.13 KB ZIP )

Note: To retain the Unix LF EOL characters (line breaks) in the 8G text file, it is recommended to use a program that supports them, such as Notepad++ (free for Windows) or TextEdit or BBEdit (free for Mac). The line breaks keep the code structured and readable, instead of a big jumbled mess.

License & Disclaimer

8G Firewall is open source and 100% free for all. The only requirement is that the following credit lines are included when using 8G (or any of its parts).

# 8G FIREWALL
# https://perishablepress.com/8g-firewall/

Other than that, it’s all yours!

Disclaimer

The 8G Firewall is provided “as-is”, with the intention of helping people protect their sites against bad requests and other malicious activity. The code is open and free to use and modify as long as the first two credit lines remain intact. By using this code you assume all risk and responsibility for anything that happens. So use wisely, test thoroughly, and enjoy the benefits of my work :)

Show support

I spend countless hours developing the nG Firewall. I share it freely and openly with the hope that it will help make the Web a more secure place for everyone.

If you benefit from my work with nG Firewall and would like to show support, consider buying one of my books, such as .htaccess made easy. You’ll get a complete guide to .htaccess, exclusive forum access, and a ton of awesome techniques for configuring, optimizing, and securing your site.

Of course, tweets, likes, links, and shares are super helpful and very much appreciated. Your generous support allows me to continue developing the nG Firewall and other awesome resources for the community. Thank you kindly :)

Support 8G Firewall: Donate via PayPal, Stripe, or your favorite digital coin »

8G Notes

Any 8G-related notes will be added/updated here..

Only use 7G or 8G, not both
8G is modular: each section can be removed/added as desired
8G is designed to work flawlessly with WordPress or any other non-WP site
8G adds new “HTTP COOKIE” rules
Please report any strings or user agents that should not be blocked
Always test well before going live and report any bugs or issues
Joomla sites: remove “administrator” from Request URI rules
Other 8G-related notes will be added here..

About the Author

Jeff Starr = Fullstack Developer. Book Author. Teacher. Human Being.

132 responses to “8G Firewall”

Gerold 2024/10/23 3:23 am • Reply

Thanks for the new Firewall Jeff!
Is it possible to copy the txt.file to my .htaccess when using Nginx? Just like I would using Apache?
- Jeff Starr 2024/10/23 12:08 pm • Post Author • Reply
  
  No because Nginx doesn’t support Apache/.htaccess.
  - Gerold 2024/10/27 12:16 am
    
    Of course ;-) So sorry for the confusion. I ment to ask for Litespeed servers NOT Nginx.
  - Jeff Starr 2024/10/27 2:34 am • Post Author
    
    Then yes, if it supports Apache/.htaccess then it should work fine. Of course always test well before going live.
- Gerold 2024/10/28 9:49 pm • Reply
  
  Great, thx!
Chris 2024/10/23 12:55 pm • Reply

Hi Jeff! I was hoping that you could help me out. I just added Solid Security AND your 8G code to my website. Solid Security does a scan twice a day and I believe the bot is being blocked. I am getting an email saying “site_verification_failed.connection_error”.

Is there a way to whitelist an IP, or do you think it is something else?
WML 2024/11/10 12:05 pm • Reply

If I read it correctly, robots.txt is on the blocking URI pattern? Why?
- Jeff Starr 2024/11/10 8:36 pm • Post Author • Reply
  
  That is incorrect, /robots.txt is never blocked by any of my firewalls.