Whackers for Hackers IPBL:
Updated 3 times per day. If you’d like to subscribe to a more real-time BL contact us for pricing. We are accepting inquiries for beta testers.
Updated lists below:
Non-authorized WordPress login attempts: https://whackersforhackers.com/share/wordpress.txt
SMTP bad auth attempts: https://whackersforhackers.com/share/smtp.authfails.txt
SMTP no rDNS & plain old losers: https://whackersforhackers.com/share/smtp.badhosts.txt
Tor gateways: https://whackersforhackers.com/share/tor.txt
Non-authorized ssh attempts: https://whackersforhackers.com/share/ssh.authfails.txt
SMTP idiot TLD’s (like .top, .happy, .party, etc): https://whackersforhackers.com/share/smtp.txt
Comment spammers (new): https://whackersforhackers.com/share/comment.spam.txt
Brute force attempts (new – we block entire networks not just IP’s on this one): https://whackersforhackers.com/share/brute.force.txt
New: W4H Wall of Shame – offending companies that are on our brute force list: https://whackersforhackers.com/share/brute.force.abusers.list.txt
New: W4H white list – unfortunately we can no longer maintain blocking big providers who are most often the worst offenders. This list is a white list we must maintain to limit disruption to our clients. We still block INDIVIDUAL IP’s at those large providers just not their CIDR network block: http://whackersforhackers.com/share/whitelist.txt
Unfortunately we can’t keep Amazon, Google, Microsoft, etc on our list even though they are honorable mentions and quite frankly the biggest offenders because 50% of the Internet is now hosted by those losers! They do show up on our individual block lists but not our CIDR.
We are no longer doing country blocking – if you need access to this you can use: ipdeny.com and deny entire country blocks <– individual lists available there
Now also blocking ALL TOR exit nodes (TOR gateways to the Internet): Link
- Failed SMTP logins
- Failed ssh login attempts
- Failed WordPress logins
- Attempted hacking against websites I host
- Zombie servers URL tapping compromised files
- Ridiculous TLD’s like .top, .link, .blink and the like
- IP addresses without an rDNS or DNS name
We are now parsing these into separate lists (links above).