WP fail2ban Blocklist is a collaborative preemptive blocklist for WordPress.
| Author: | Charles Lecklider (profile at wordpress.org) |
| WordPress version required: | 4.9 |
| WordPress version tested: | 6.5.2 |
| Plugin version: | 2.2.1 |
| Added to WordPress repository: | 27-02-2022 |
| Last updated: | 12-04-2024 |
| Rating, %: | 0 |
| Rated by: | 0 |
| Plugin URI: | https://addons.wp-fail2ban.com/blocklist/ |
| Total downloads: | 13 287 |
| Active installs: | 3 000+ |
 Click to start download |
|
There are many plugins that use a database to check for malicious IPs after they connect, and of course fail2ban stops repeated attacks, but what if bad IPs could be blocked before they attack?
By working collaboratively – sharing attack data – WP fail2ban Blocklist does exactly that.
The Blocklist Network Service (BNS) collects attack data from participating sites, performs some analytical magic, and sends back a list of IPs that are attacking sites now but haven’t yet attacked that site. In other words, each site periodically gets a unique list of IPs to block preemptively.
GDPR
The BNS doesn’t collect personal data, and bots don’t have rights.
That said, the BNS only collects the minimum data required (time, IP, event), and only for IPs that have behaved maliciously.
Of course, it is possible that some data is generated by people behaving maliciously, but the BNS has no way to differentiate – and nor should it: an attack is an attack.
Freemius
To work, the BNS must know:
- which sites are running the blocklist add-on,
- which version is in use,
- and a shared secret for secure communication.
Freemius already provides all these, and WP fail2ban already uses Freemius; why reinvent the wheel?
Therefore, unlike the core WP fail2ban plugin, you must opt into Freemius for the blocklist to work.
Screenshots
ChangeLog
