Did you know that your website could be getting hacked right now without you even knowing ?
Lets look into How To Block Hacking Attempts On Your Website.
So i have recently been watching our Wordfence logs for recent brute force hacking attempts and noticed that a certain IP address that i traced from the Ukraine tried to repeatedly break into the admin panel of our website.
Here i will explain in this short article a sure fire way of How To Block Hacking Attempts On Your Website.
Wordfence Your First Line of Defense
Firstly for your first line of defense there is a great plugin by Wordfence that i have so far found to be one of the best security hardners for wordpress, it includes an impressive line of features such as a malware scanner as well as brute force attempt hacking preventer. There are paid versions also but the free version is still very feature rich. One of the features of this plugin is that it will block and log any attempts to brute force hacking if multiple login attempts have failed on your login page. It will log the ip address of the offender for you to take appropriate action.
Find Out Who The Hacker is
The second thing to do is to do a whois lookup on the ip address with a tool such as http://whois.domaintools.com/
Copy and paste the ip address that was sent to you via email of a hacking attempt into the search bar and do a search. You will get some detailed information of the ip addresses location in my case it was from the UKRAINE / RUSSIA. It will also provide you information on the ISP or HOSTER in my case STEEPHOST.NET. If your lucky it will also provide you an email address where to send complaints or abuse.
Send the hosting company or ISP an email of the security breach telling them you have had an attempted hack for their reference and to follow up. This is probably as much as you can do with the ISP or hosting company.
Use Wizcrafts HTACCESS Block Lists
The third and final thing you should do is block all access to known or countries you don’t want having access to your website at all.
Just ask yourself “Do i really care about getting traffic from Russia ?” If you don’t then its safe to block all traffic from this country. You will need to make this decision on your own as each business is different depending on the product and services you sell.
Head on over to Wizcrafts website for a constantly updated list of known IP ranges that you can add to your .htaccess file to permanently block access to.
Russian Block Lists
Known Exploited Servers Block Lists
Nigerian Block Lists
Chinese / Korean Block Lists
South American Block Lists
How To Use The Blocklists ?
In a nutshell you will need an ftp client and edit the .htaccess file in your root director of your website. Copy / Paste the lists from Wizcrafts into your .htaccess file then save. Thats it.
NOTE: Please take a backup of your .htaccess file just incase anything goes wrong.
Use with caution:
Please be aware that by doing the above mentioned steps you will be blocking access people from those countries that fall into those IP ranges completely. They wont even be able to see your website they will simply be shown a 403 forbidden error page. If you have family or friends in those countries then there is a good chance that you will be blocking them also and thats not good. I would only block access to the countries that you actually see you get hacking attempts from otherwise your just increasing your chances of blocking wanted traffic to your website.
If you find your traffic or website is unusual or your website is playing up in anyway just remove the blocklist details from .htaccess or restore a backup.
Goodluck and hope this article has given you some insight into how to block hacking attempts on your website.
If you liked this article please share it with your friends
[sharethis]