Barracuda RBL download anywhere or other comparable?
Posted: 02 Feb 2024, 19:19
I had an application level attack on a Wordpress site that brought the server to its knees. First time I've had this happen ever running about a half dozen small business websites. Configserver is loading multiple RBLs like FIREHOL, etc. I did a blacklist search and out of like 60 lists the IP only showed up on the Barracuda RBL. However the link to the actual RBL gives a 403 error. https://barracudacentral.org/rbl
The offending IP was 134.17.137.91
If I can't add the Barracuda RBL to configserver, what are my other best options? I'm not sure if the Wordfence plugin blacklist has the IP on it as I don't want to pay for premium Wordfence when I can use configserver.
I don't think these attacks can be blocked in realtime as any plugin would have a hard time determining if it's a legitimate bot scraping the site or not. Seems like it would have to be able to monitor the number of open PHP processes being spawned by a single user connection?
The offending IP was 134.17.137.91
If I can't add the Barracuda RBL to configserver, what are my other best options? I'm not sure if the Wordfence plugin blacklist has the IP on it as I don't want to pay for premium Wordfence when I can use configserver.
I don't think these attacks can be blocked in realtime as any plugin would have a hard time determining if it's a legitimate bot scraping the site or not. Seems like it would have to be able to monitor the number of open PHP processes being spawned by a single user connection?