Series Summary: Building the 3G Blacklist
In the now-complete series, Building the 3G Blacklist, I share insights and discoveries concerning website security and protection against malicious attacks. Each article in the series focuses on unique blacklist strategies designed to protect sites transparently, effectively, and efficiently. The five articles culminate in the release of the next generation 3G Blacklist.
Here is a quick summary of the entire Building the 3G Blacklist series:
- Building the 3G Blacklist, Part 1
- Improving Site Security by Recognizing and Exploiting Server Attack Patterns: In this first article of the series, I examine the process of identifying attack patterns and trends and using them to immunize against future attacks.
- Building the 3G Blacklist, Part 2
- Improving Site Security by Preventing Malicious Query-String Exploits: In this second article, I present an incredibly powerful method for eliminating malicious query string attacks.
- Building the 3G Blacklist, Part 3
- Improving Site Security by Selectively Blocking Rogue User Agents: In this third article, I discuss targeted, user-agent blacklisting and present an alternate approach to preventing site access for the most prevalent and malicious user agents. Subsequent articles will focus on key blacklist strategies designed to protect your site transparently, effectively, and efficiently.
- Building the 3G Blacklist, Part 4
- Improving the RedirectMatch Directives of the Original 2G Blacklist: In this fourth article, I build upon the ideas and techniques presented previously in the series by improving the directives contained in the original, 2G Blacklist.
- Building the 3G Blacklist, Part 5
- Improving Site Security by Selectively Blocking Individual IPs: In this fifth and final article of the series, I provide the final key to our comprehensive blacklist strategy: selectively blocking individual IPs.
- Perishable Press 3G Blacklist
- The 3G Blacklist is an extremely effective security strategy for preventing a vast majority of common exploits. The list consists of four distinct parts, providing multiple layers of protection while synergizing into a comprehensive defense mechanism. Further, the 3G Blacklist is designed to be as lightweight and flexible as possible, thereby facilitating periodic cultivation and maintenance.
And of course, the following articles are also involved with the series:
- 2G Blacklist: Closing the Door on Malicious Attacks
- Ultimate htaccess Blacklist 2
- Ultimate htaccess Blacklist
- How to Block Proxy Servers via htaccess
- Over 150 of the Worst Spammers, Scrapers and Crackers from 2007
- Perishable Press Blacklist Candidates
I hope you find the information useful for improving the security of your website. As always, thanks for reading! :)
About the Author
Jeff Starr = Web Developer. Security Specialist. WordPress Buff.
4 responses to “Series Summary: Building the 3G Blacklist”
Interesting series, thank you !
I was just wondering how this would fit into your scheme of things :
http://www.0x000000.com/index.php?i=567
Hi Peter, thanks for the feedback. That tutorial looks pretty sweet! I haven’t tried the entire method, but many similar directives are currently in effect here at Perishable Press, through either the 3G Blacklist or otherwise. Some great stuff! Thanks for sharing :)
I recently encountered a conflict with one of the 3G rules and the WordPress plugin WP Super Cache. The particular 3G rule is the following rules:
RedirectMatch 403 //
I was able to figure out how to fix it, but the explanation is far too long for a comment. You can view it here: 404 link removed.
Thanks for sharing this information with us, Alissa. Your article is excellent and provides an elegant and practical solution for resolving the Super-Cache/3G conflict. If anyone else is experiencing 403 errors while using the 3G Blacklist with the WordPress Super Cache plugin, read this post for a clean fix ;)
Cheers!