I came across something today that I had to share. Over at the Perishable Press they have released a really cool “firewall” for your website. Here is their description of what they’ve created:
The 4G Blacklist is a next-generation protective firewall that secures your website against a wide range of malicious activity. Like its 3G predecessor, the 4G Blacklist is designed for use on Apache servers and is easily implemented via HTAccess or the httpd.conf configuration file. In order to function properly, the 4G Blacklist requires two specific Apache modules, mod_rewrite and mod_alias. As with the third generation of the blacklist, the 4G Blacklist consists of multiple parts:
• HTAccess Essentials
• Request-Method Filtering
• IP Address Blacklist
• Query-String Blacklist
• URL Blacklist
Each of these methods is designed to protect different aspects of your site. They may be used independently, mixed and matched, or combined to create the complete 4G Blacklist.
Everyone hates spam bots, automated hacking attempts, and mindless spiders. I really dislike all of the tools that are out their scanning the Internet looking for holes and places to commit their malicious attacks. I am testing this on a couple projects and watching my logs. I have also added a couple of the really annoying form spammers to the IP blocklist already . I will keep you posted on how this script works at blocking the junk hacking attempts and other garbage from our websites.
If you want to check it out you can get the 4G Blacklist here: