For a long time, I've been looking for a way to effectively exploit the hacking data blocked by my servers. And as a’WordPress hosting specialist, believe me, I thwart hundreds, if not thousands, of hacking attempts every day (and I'm not the only one). regularly repairs pirated WordPress sites from other hosts). Intrusion attempts are permanent, but thanks to security systems such as Fail2ban, attacks are stopped automatically before they cause any damage. However, beyond simply protecting my systems and customers, I wanted to go further: share this information and make the internet a safer place for everyone.
More than 2,000 malicious IPs reported in just 48 hours!
With this in mind LRob has started contributing to attacker reporting via AbuseIPDB, a platform that allows anyone to report malicious IPs. In just 48 hours, more 2000 IP have already been reported, showing just how significant an impact this initiative can have.
Here is the total number of IPs reported since LRob joined AbuseIPDB (updated in August 2025 to 8000/day):
Why report malicious IP?
Hackers attack everything, all the time. Whether you're a small business, an individual or a large organisation, you're a target. However, although these attacks are relentless, the resources of cybercriminals are limited. By identifying them, we have a chance to combat them more effectively and limit their scope for action.
There are two main reasons why reporting malicious IP is crucial:
- Identifying and blocking attackers By reporting these IPs, you contribute to the creation of a database accessible to everyone, making it easier to block potential threats before they reach other infrastructures.
- Informing legitimate guests Some legitimate hosts can be infected or hijacked without their knowledge, serving as relays for attacks. By reporting these IPs, you give them a chance to react and correct the situation.
Sharing information via platforms such as’AbuseIPDB makes the web safer, not just for you, but for the whole community.
A simple API for efficient reporting
One of the great strengths of AbuseIPDB is its ease of use. Via a API accessible to everyone, it's easy to help report malicious IPs. By validating your identity, you can even increase the reporting limit to 5000 IP per day, This enables a broader spectrum of attacks to be covered.
So I decided to set up a system to automate these reports, so that the community can benefit from my data on blocked hacks. A banner is now visible at the bottom of my LRob.fr website, linking directly to my AbuseIPDB profile, where anyone can see the IPs I've reported (see my profile here).
Automated reporting with Plesk and Fail2ban
For those who, like LRob, use Plesk to manage their servers, I developed a script to automatically report malicious IPs via the AbuseIPDB API using the Fail2ban.
This script is freely available on GitHub and can be used by any sysadmin wishing to automate this process. Simply configure your API key and you're ready to get started!
You can find it here: GitHub - Report AbuseIPDB.
(Don't hesitate to suggest improvements if you see ways of optimising the script or making it more effective!)
All you have to do is create a CRON and that's it, for example :
#Run /root/report_abuseipdb.sh every 6 hours
30 */6 * * * /root/report_abuseipdb.shTowards a more secure Internet, together 💪
We all have a role to play in building a healthier and more secure Internet. Every IP reported is one less potential attack on our infrastructure, one less threat to businesses and individuals. Thanks to the combined efforts of contributors and platforms such as AbuseIPDB, we can reduce the impact of cyber attacks and make the web safer for everyone. 🌐
So, whether you're an experienced sysadmin or an individual user wanting to contribute, I encourage you to join this initiative. Together, we can make a real difference and make the web more secure. 👊
And if you're simply looking for a secure hosting provider that specialises in WordPress, I invite you to take a look at what I have to offer:
Leave a Reply
You must be logged in to post a comment.