Whackers for Hackers IPBL:

Updated 3 times per day.  If you’d like to subscribe to a more real-time BL contact us for pricing.  We are accepting inquiries for beta testers.

Updated lists below:

Non-authorized WordPress login attempts:  https://whackersforhackers.com/share/wordpress.txt

SMTP bad auth attempts:  https://whackersforhackers.com/share/smtp.authfails.txt

SMTP no rDNS & plain old losers:  https://whackersforhackers.com/share/smtp.badhosts.txt

Tor gateways:  https://whackersforhackers.com/share/tor.txt

Non-authorized ssh attempts:  https://whackersforhackers.com/share/ssh.authfails.txt

SMTP idiot TLD’s (like .top, .happy, .party, etc):  https://whackersforhackers.com/share/smtp.txt

Comment spammers (new):  https://whackersforhackers.com/share/comment.spam.txt

Brute force attempts (new – we block entire networks not just IP’s on this one):  https://whackersforhackers.com/share/brute.force.txt

New:  W4H Wall of Shame – offending companies that are on our brute force list:  https://whackersforhackers.com/share/brute.force.abusers.list.txt

New:  W4H white list – unfortunately we can no longer maintain blocking big providers who are most often the worst offenders.  This list is a white list we must maintain to limit disruption to our clients.  We still block INDIVIDUAL IP’s at those large providers just not their CIDR network block:  http://whackersforhackers.com/share/whitelist.txt

Unfortunately we can’t keep Amazon, Google, Microsoft, etc on our list even though they are honorable mentions and quite frankly the biggest offenders because 50% of the Internet is now hosted by those losers!  They do show up on our individual block lists but not our CIDR.

We are no longer doing country blocking – if you need access to this you can use: ipdeny.com and deny entire country blocks <– individual lists available there

Now also blocking ALL TOR exit nodes (TOR gateways to the Internet):  Link

Individual IP’s:

  • Failed SMTP logins
  • Failed ssh login attempts
  • Failed WordPress logins
  • Attempted hacking against websites I host
  • Zombie servers URL tapping compromised files
  • Ridiculous TLD’s like .top, .link, .blink and the like
  • IP addresses without an rDNS or DNS name

We are now parsing these into separate lists (links above).