{"id":5378,"date":"2024-10-15T13:11:26","date_gmt":"2024-10-15T11:11:26","guid":{"rendered":"https:\/\/www.lrob.fr\/?p=5378"},"modified":"2025-07-26T14:15:30","modified_gmt":"2025-07-26T12:15:30","slug":"lrob-contributes-abuseipdb","status":"publish","type":"post","link":"https:\/\/www.lrob.fr\/en\/blog\/lrob-contribue-abuseipdb\/","title":{"rendered":"LRob now contributes to malicious IP reporting with AbuseIPDB"},"content":{"rendered":"

For a long time, I'd been looking for a way to effectively exploit the hacking data blocked by my servers. And as aWordPress hosting specialist<\/a>believe me, I thwart hundreds, if not thousands, of hacking attempts every day (and I'm not the only one). regularly repairs hacked WordPress sites from other hosts<\/a>). Intrusion attempts are constant, but thanks to security systems such as Fail2ban, attacks are automatically stopped before they cause any damage. However, beyond simply protecting my systems and customers, I wanted to go further: share this information and make the Internet a safer place for everyone.<\/p>\n\n\n\n

Over 2,000 malicious IPs reported in just 48 hours!<\/h2>\n\n\n\n

With this in mind LRob has started contributing to attacker reporting via AbuseIPDB<\/a><\/strong>a platform that allows anyone to report malicious IPs. In just 48 hours<\/strong>over 2000 IP<\/strong> have already been reported, showing just how significant the impact of this initiative can be.<\/p>\n\n\n\n

Here's the total number of IPs reported since LRob joined AbuseIPDB (updated in August 2025 to 8000\/day):<\/p>\n\n\n\n

\n
\n\t\"AbuseIPDB\n<\/a><\/center>\n<\/div>\n\n\n\n
\n\n\n\n

Why report malicious IPs?<\/h2>\n\n\n\n

Hackers attack everything, all the time. Whether you're a small business, an individual or a large organization, you're a target. However, while these attacks are relentless, the resources of cybercriminals are limited<\/strong>. By identifying them, we have a chance of combating them more effectively and limiting their scope for action.<\/p>\n\n\n\n

There are two main reasons why reporting malicious IPs is crucial:<\/p>\n\n\n\n

    \n
  1. Identify and block attackers<\/strong> By reporting these IPs, you contribute to the creation of a database accessible to all, making it easier to block potential threats before they reach other infrastructures.<\/li>\n\n\n\n
  2. Informing legitimate guests<\/strong> Some legitimate hosts can be infected or hijacked without their knowledge, serving as relays for attacks. By reporting these IPs, you give them a chance to react and correct the situation.<\/li>\n<\/ol>\n\n\n\n

    Sharing information via platforms such asAbuseIPDB<\/strong> makes the web safer, not just for you, but for the whole community.<\/p>\n\n\n\n

    \n\n\n\n

    A simple API for efficient reporting<\/h2>\n\n\n\n

    One of AbuseIPDB's great strengths is its ease of use<\/strong>. Via a API<\/strong> accessible to all, it's easy to contribute to the reporting of malicious IPs. By validating your identity, you can even increase the reporting limit to 5000 IP per day<\/strong>which covers a wider spectrum of attacks.<\/p>\n\n\n\n

    So I decided to set up a system for automate<\/strong> these postponements, so that the community can benefit from my data on blocked hacks. A banner<\/strong> is now visible at the bottom of my LRob.fr site, linking directly to my AbuseIPDB profile, where anyone can see the IPs I've reported (see my profile here<\/a>).<\/p>\n\n\n\n

    \n\n\n\n

    Automated reporting with Plesk and Fail2ban<\/h2>\n\n\n\n

    For those who, like LRob, use Plesk<\/strong> to manage their servers, I developed a script to automatically report malicious IPs via the AbuseIPDB API using the Fail2ban<\/strong>.<\/p>\n\n\n\n

    This script is freely available on GitHub<\/strong> and can be used by any sysadmin wishing to automate this process. Simply configure your API key<\/strong> and you're ready to get started!<\/p>\n\n\n\n

    You can find it here: GitHub - Report AbuseIPDB<\/a>.<\/p>\n\n\n\n

    (Don't hesitate to suggest improvements if you see ways to optimize the script or make it more efficient!)<\/p>\n\n\n\n

    All you have to do is create a CRON and you're done, for example :<\/p>\n\n\n\n

    #Run \/root\/report_abuseipdb.sh every 6 hours\n30 *\/6 * * * \/root\/report_abuseipdb.sh<\/code><\/pre>\n\n\n\n
    \n\n\n\n
    Towards a more secure internet, together \ud83d\udcaa<\/h2>\n\n\n\n
    We all have a role to play in building a healthier, more secure Internet. Every IP reported is one less potential attack on our infrastructures, one less threat to businesses and individuals. Thanks to the combined efforts of contributors and platforms such as AbuseIPDB<\/strong>we can reduce the impact of cyber attacks and make the web safer for everyone. \ud83c\udf10<\/p>\n\n\n\n
    So, whether you're an experienced sysadmin or an individual user wishing to contribute, I encourage you to join this initiative. Together, we can make a real difference and make the web more secure. \ud83d\udc4a<\/p>\n\n\n\n
    And if you're simply looking for a secure hosting provider specializing in WordPress, I invite you to discover my offers :<\/p>\n\n\n\n
    \n
    WordPress Hosting<\/a><\/div>\n\n\n\n
    Webmastering WordPress<\/a><\/div>\n\n\n\n
    Nextcloud hosting<\/a><\/div>\n<\/div>","protected":false},"excerpt":{"rendered":"
    Depuis longtemps, je cherchais un moyen d’exploiter efficacement les donn\u00e9es de hacking bloqu\u00e9es par mes serveurs. Et en tant qu’h\u00e9bergeur sp\u00e9cialiste WordPress, croyez bien que je d\u00e9joue des centaines voire des milliers de tentatives de piratages chaque jour (et je r\u00e9pare r\u00e9guli\u00e8rement des sites WordPress pirat\u00e9s qui proviennent d’autres h\u00e9bergeurs). Les tentatives d’intrusion sont permanentes, […]<\/p>\n","protected":false},"author":1,"featured_media":5379,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[5,28],"tags":[],"class_list":["post-5378","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-blog","category-securite"],"_links":{"self":[{"href":"https:\/\/www.lrob.fr\/en\/wp-json\/wp\/v2\/posts\/5378","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.lrob.fr\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.lrob.fr\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.lrob.fr\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.lrob.fr\/en\/wp-json\/wp\/v2\/comments?post=5378"}],"version-history":[{"count":7,"href":"https:\/\/www.lrob.fr\/en\/wp-json\/wp\/v2\/posts\/5378\/revisions"}],"predecessor-version":[{"id":7791,"href":"https:\/\/www.lrob.fr\/en\/wp-json\/wp\/v2\/posts\/5378\/revisions\/7791"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.lrob.fr\/en\/wp-json\/wp\/v2\/media\/5379"}],"wp:attachment":[{"href":"https:\/\/www.lrob.fr\/en\/wp-json\/wp\/v2\/media?parent=5378"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.lrob.fr\/en\/wp-json\/wp\/v2\/categories?post=5378"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.lrob.fr\/en\/wp-json\/wp\/v2\/tags?post=5378"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}