Skip to content

Instantly share code, notes, and snippets.

@boogah boogah/.htaccess
Created Apr 12, 2013

Embed
What would you like to do?
A list of bad IPs responsible for a number of brute force attacks on WordPress, prepared as an .htaccess deny list. Just add it to your site's .htaccess rules and feel a tiny bit safer. List culled from this post by Sucuri: http://blog.sucuri.net/2013/04/mass-wordpress-brute-force-attacks-myth-or-reality.html
# BEGIN wp-login.php blocks
<Files wp-login.php>
order allow,deny
deny from 31.184.238.38
deny from 178.151.216.53
deny from 91.224.160.143
deny from 195.128.126.6
deny from 85.114.133.118
deny from 177.125.184.8
deny from 89.233.216.203
deny from 89.233.216.209
deny from 109.230.246.37
deny from 188.175.122.21
deny from 46.119.127.1
deny from 176.57.216.198
deny from 173.38.155.22
deny from 67.229.59.202
deny from 94.242.237.101
deny from 209.73.151.64
deny from 212.175.14.114
deny from 78.154.105.23
deny from 50.116.27.19
deny from 195.128.126.114
deny from 78.153.216.56
deny from 31.202.217.135
deny from 204.93.60.182
deny from 173.38.155.8
deny from 204.93.60.75
deny from 50.117.59.3
deny from 209.73.151.229
deny from 216.172.147.251
deny from 204.93.60.57
deny from 94.199.51.7
deny from 204.93.60.185
allow from all
</Files>
# END wp-login.php blocks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.