#the bde is over 10000
Explore tagged Tumblr posts
jlf23tumble · 2 years ago
Note
petition for u to recreate your louis bde masterpost jen? 👀 would sign 10000 times
This is so sweet! I'm feeling kind of lazy, so maybe that's a future gift to the world, but for now, enjoy these two posts that both inspired me to create it and gave me places to start (obviously, these are old--in one case, a decade old--so truly, there's more to mine here!)
Post 1
Post 2
That second post has a LOT goin' on from all over this amateur porn aesthetics-LIVING band
4 notes · View notes
avarkriss · 3 years ago
Text
Tumblr media
if anyone needs me, i'll be launching into orbit
90 notes · View notes
pinkcatharsis · 4 years ago
Note
Okay I saw this for kakairu but I feel like this would be sooo much better for iruyama of just wild rumors going around about iruka being a sex god and ruining sex for everyone he sleeps w bc he’s THAT good and he has no idea and everyone who hears it is just like hmmmm I have doubts
So a couple of guys drinkin bein bros hears it and tenzo gets a littttttlw tipsy and is like yolo let’s try I’ll get in on this bet to see if he’s really that good
Next day tries to seduce/flirt/pickup iruka as he’s leaving the tower w scrolls but iruka sees a bunch of jounin watching around the corner and guesses it’s a bet or something so he takes tenzo to a supply closet blows his mind and has him screaming out iruka name and iruka leaves the closet pristine and as put together as he went in and waving at the jounin outside the door and then tenzo appears totally fucked out looking and just pays genma his bet money and starts walking off talking about needing to propose to iruka lol
Rule of thumb on how I write Iruka: he would never do this sober. Lol. He wouldn't blow someone who is obviously drunk either. No matter how attractive they are.
That being said, I can see this working if Tenzou is serious and flirting and in it for a quickie. SURE. The thrill behind doing it fast and dirty is a train Iruka can get on. Tenzou screaming though? Yah, no. Not my Tenzou anyway. He's too well trained to be loud.
But sure, Iruka would blow that BDE. 10000%
Here you go.
SMUT AHEAD -- HAPPY VALENTINES! 🥰
In the small cramped, utility closet, Tenzou thumps his head back against the metal shelf, his fingers releasing its iron grip at the base of Iruka's now mostly freed ponytail, a soft grunt flowing past e job of his exposed Adam's apple. He had to tug down the chin guard earlier, when Iruka's mouth had taken the length of his cock, all of it, mouth stretched full with the girth and heat of his flesh, stroking it salaciously, pre-cum and saliva running down his chin.
Looking down at Iruka now, just past ridge of his nose, Tenzou watches with slow, forcibly measured breaths as Iruka pulls back, releasing the head of his cock and catching the last bit of cum with the tip of his tongue. Greedy. Hungry. Tenzou watches with nothing short of fascination as Iruka swallows cleanly, like he's finishing his meal.
Iruka brushes the back of his hand over the corner of his lips, clearing his throat that must be so raw now, scraped viciously with the way Tenzou had pretty much held on to Iruka's head and fucked the demanding, pertinent mouth with his cock. Iruka had taken it without complaint, with a bit of a grin tugging around the corners of his mouth, a flaming glow in his eyes as he looked up at Tenzou, kept his gaze locked on Tenzou the entire fucking time -- gods.
Tenzou couldn't do anything except snap his hips forward, following helplessly the brutal pace Iruka had set with his mouth and tongue, intent to suck Tenzou dry. Tenzou couldn't do anything except surrender, gritting his teeth to the point that his jaw HURT, from how hard he's grinding his teeth to keep quiet, to not groan out loud, or worse, say Iruka's name. When all he wants to do is just sigh those two syllables out. His lower lip is swollen now, throbbing with a dull ache from where he had bitten down upon in it in an effort to have some sort of control.
Tenzou swallows thickly, watching Iruka lean back and pluck the hair tie out Tenzou's fingers, neatly and quickly redoing his ponytail on his knees. Tenzou watches as Iruka straightens his forehead protector, checking the front of his uniform for any of the meas, any hint of Tenzou's filth. Iruka actually makes a pleased humming sound when he finds he's clean.
Unlike Tenzou.
Who still leans there, with his still softening cock hanging out by his leg. Something that Iruka not so gently ticks back and away, tugging Tenzou's pants that had been stripped down to mid thigh up and proper, buttoned and zipped, vest secured before Iruka has audacity to reach into his utility pouch for a small bottle of sanitizer. Something hensquirts liberally into his hands and proceeds to wash his hands right there, in front of Tenzou, before tucking that away and shaking his hands to air dry.
"Uhm..." Tenzou managed to say, intelligently, before he blinks and clears his throat, still trying to gather himself after having the orgasm ripped right out of him. Sucked right out of him.
Iruka leans over and kisses him, slanting his mouth over Tenzou's lips and pushing his tongue past the slight parting in shock lips of Tenzou's mouth.
In the poor lit room, Tenzou remembers he has functioning hands and manages to place them on Iruka's hips, his grip turning bruisingly hard, as he tastes his own cum on a Iruka's lips, mixing with sweetened honeyed tea and what had been dried fruit, Tenzou remembers seeing. Iruka had been snacking on dried apricots when he had approached him on the desk and all but asked Iruka if it was true, that your mouth is heaven, so they say.
Iruka had just looked at him for a very long time, huffed bemusedly, then asked Tenzou to follow him somewhere private. Where Iruka then shoved him against the shelves, shushed him and told him, I like it when my mouth is fucked and you hold my hair.
Mere thirteen words.
And now, Iruka is slapping him across the cheek, grabbing Tenzou by the jaw and chin, shaking him a bit as though Tenzou is a mere child.
It's a little humiliating.
Iruka then says, "I hope you lost the bet spectacularly. And that you're broke and eat dirt cheap for weeks, Yamato-san."
Eighteen words.
Before grins cheekily, charming dimples dotting his cheeks. Vainglorious. Fucking beautiful.
Then Iruka is gone.
Thirty one words is all it took for Tenzou to swallow, staring at the ceiling and halogen light for a long time, before he exits the utility room.
He's going to have to make a cash withdrawal to pay off his bet.
Something he finds, is well worth that little fifteen minute adventure in the utility room.
He can live on ramen and bread for a while.
*
Hope you liked that anon. Literally wrote it now on my phone as I answer this lol!
28 notes · View notes
rogers-sweatbands · 6 years ago
Text
what hogwarts houses the members of queen are in
A/N: oops this contains some hot takes (in my opinion) but this is what i wholeheartedly believe. enjoy !!!!!!!!!
Freddie: Gryffindor
okay this mans is 100% a gryffindor
like this should not be a surprise to anyone
first off, we all know that harry potter is 100% problematic and loses house points for them all the time
now imagine freddie
he would totally make gryffindor lose points on a daily basis just because he was being himself
gryffindors are also judgemental
and freddie is the king of the judgmental face
we all know this
it takes approximately three (3) minutes hanging out with a gryffindor before you get into some ~*trouble*~
freddie’s parties were def the same way, y’all
3 min in ?????? things got fucking insane
it’s hard to admit this, but without gryffindor, there wouldn’t be much of a story for hogwarts
because not much shit would go down
and hogwarts would be a whole lot safer
and the same is true for queen
like, without freddie, queen wouldn’t have much of a story either !!
moving into gryffindor qualities:
brave-
this honestly doesn’t need much of an explanation
an lgbtq+ icon
went through AIDS during the 80s (such a scary time)
did not give a single fuck about what anyone thought of him
is the actual definition of bravery
loyal-
not to be dramatic, but freddie would have died for any of the other boys
he loved them so fucking much
i hope they know that oof
although he had his moments, freddie was so loyal to all the guys and was/is so fucking amazing ugh
wise-
because of his life experience and different outlook on life, i feel like that made freddie so wise
he had all of these different perspectives compared to a lot of other people
and he would showcase these perspectives in his music
freddie was just so fucking amazing, my heart
i think freddie is muggle born
and he owns it !!!!
he is so proud of his heritage but is also so into the fact that he’s a wizard
freddie is the cutest gryffindor ever awwww
plus he’d look amazing in scarlet and gold
Brian: Ravenclaw
this choice should come as no surprise as brian harold may is a true and true ravenclaw
we’re going to start off with how ravenclaws are all so goddamn cool and intelligent ????? like wow, no one can top that shit
brian may is literally a rockstar and astrophysicist and that’s some hardcore ravenclaw energy right there
ravenclaws are also so hardcore interested in the universe
they nut for philosophical conversations and that sort of shit
look at luna lovegood for example
this girl always had the coolest and most interesting shit to say
she is also so fucking smart and no one really believed it for a hot minute and that makes me so angry
ravenclaws also have the ability to see past the surface of what’s in front of them
brian totally has the ability to see past the front that someone has so carefully put up and would get to know you for who you are
also, he looked up at the stars one day and saw them for so much more than glittery things in the sky
it sparked such a passion in him
ravenclaws also take friendship so fucking seriously
friendships are cherished so much within ravenclaw, sometimes even more than their cleverness
bringing up my girl luna again
we find out in deathly hallows that luna literally had decorated her room with portraits of her best friends in the entire world
and all of these paintings have a thin golden chain weaving around them to connect them that literally reads the words “friends” over and over
that’s some cute ass (and kind ass) shit right there
moving into ravenclaw qualities:
intelligence-
we all already know that this man is smart as shit
he has a fucking phd
(i’m repeating this for emphasis) a phd
in space dust !!!!!!!!!!
like this mans started his phd, went and became a member of one of the biggest bands of all time, and then literally went back and finished his phd
he is so smart it makes me want to cry
creativity-
what’s so amazing about bri’s creativity is that it all derives from how fucking smart he is
look at the songs he’s written... like, he’s a musical genius
and even on the songs he didn’t write, he was still super helpful with coming up with the guitar lines which is fucking sick as hell
they’re all so fucking good too
we stan a creative king
acceptance-
from a young age i think brian realized that his interests were probably a lot different than his peers
not only was he constantly thinking about the stars and what was going on in the universe, he also had such a passion for music
this prob led to him standing out from everyone else in a good way
and he had to come to terms with it 
but boy did he bc look at him now, that rockin’ space man
tbh i see brian being a half-blood
because he’d have understanding of both the wizard and muggle worlds
something that would benefit his intelligence even further
the tea is that brian may is such a perfect ravenclaw it makes my heart hurt
Roger: Gryffindor
ok so we are starting this out with the fact that roger meddows taylor is in no way a slytherin
he is a gryffindor in the same way the weasley twins are gryffindors
they’re all so fucking cheeky (sorry for using british slang as an american, we just don’t have a term to perfectly embody what they all are)
rog is chaotic in a gryffindor way and not in a slytherin way
gryffindors literally die if the attention isn’t on them and that’s just the tea
they are always constantly throwing themselves into shit they have no reason to be involved in
this boy would literally throw hissy fits all the damn time and that is true gryffindor energy
HE LOCKED HIMSELF IN A CUPBOARD BECAUSE HE DID NOT GET HIS WAY FOR FUCKS SAKE
in summary, roger meddows taylor invented being the boy in the cupboard before harry potter
gryffindors are also a bit arrogant about the fact that they’re gryffindors
sorry, it’s the truth
and roger literally lives up his own asshole
which is really hot but besides the point
they also think their opinion is best
always
we’re bringing up i'm in love with my car again because this boy would not fucking let it go
tbh he prob thought that song deserved song of the year... lbr
gryffindors break the rules all the god damn fucking time and always get away with it
literally rog with anything
that boy probably could have killed a man and everyone would’ve been like ????? did u see something ?????? he’s got all my uwus, that sweet lil murder baby
also gryffindors are hella hot headed
“he would fly off the handle all the time” -brian may
he would throw televisions out the window
the literal definition of hot headed
moving into gryffindor qualities:
brave-
this boy gave literally zero (0) fucks about what anyone thought of him
his friends used to call him rainbow and he WENT WITH IT
toxic masculinity in reference to his wardrobe ????? not here !!!!!!!!!!!!
loyal-
despite all the fights he’d get into with the boys, he loved them so fucking much and could never imagine himself without them right there
like yeah, they disagreed a lot
a lot, a lot
but they’d always come back together in the end
cunning-
FIRST OF ALL, ROGER TAYLOR IS SO FUCKING SMART AND FUCK ALL OF Y’ALL WHO MAKE HIM SEEM LIKE THE DUMB MEMBER OF THE BAND
because he isn’t
ok tea, to be cunning, you gotta be smart
also, he could be quite cunning with the ladies & we all know this
like damn, that man could say “butterbeer” into my ear and i would probably cum
also rog is def skillful and used his cunningness to get what he wanted in the end
i'm in love with my car being the b-side of bo rhap ???? yeah, he played the band like a fucking harp
i think rog would be a pure-blood
prob because he can be so cocky (and most pure-bloods are seriously so cocky about the fact that they’re pure-bloods)
even harry could get cocky about it sorry but it’s the truth
also rog looks like a lion and gryffindors literally nut about lions
John: Slytherin
i’m going to start this by saying i know this is a hot take but john being a slytherin is seriously one thing i hold so close to my fucking heart. don’t @ me
we’re going to start off with the fact that even when he had his soft™ moments, he still exudes chaotic energy 100000% of the time
john is the most chaotic member of the band and he knows it too
as a slytherin, i can honestly say that we are literally the most chaotic people in the world
slytherins also exude big dick energy 10000% of the time
john is the perfect representation of this
his bde is seriously off the charts, holy fuck
slytherins will push you to succeed
this is because we have so much confidence
sometimes our confidence is confused for cockiness though, not all confidence is cocky !!!!!
guess what ??? that confidence we possess goes toward other people too !!
john ????? yeah we all know how supportive he was towards the other boys
seriously wants nothing more than for them to succeed
he still is that way
moving into slytherin qualities:
resourcefulness- 
THIS MAN MADE HIS OWN FUCKING AMP?!?! LIKE, HE LITERALLY BUILT THAT SHIT ON HIS OWNNNN
he also loved to discuss how much he loves diy projects in written interviews (as a fun pastime of his)
lemme tell you, diy-ers are the most resourceful bitches ever
seriously, go speak to your local diy-er
they could probably make a refrigerator out of a toothpick, three thumbtacks, and a litter box
cunning- 
this mans was known as the “shy” and “more reserved” member of queen (which we have all learned isn’t the fucking case)
he literally let himself slip under the public radar despite having such chaotic energy
he ran with that shy boy™ title and played us for so long
not that i'm mad but like, damn boi
ambition- 
this bitch literally got an honors degree in electronics while queen was recording a fucking album
he literally sat his FINAL EXAMINATIONS WHILE RECORDING A DAMN FUCKING ALBUM
sorry but if that ain’t ambition idk what is
it’s also hella sexy he did that oops
fraternity- 
john richard deacon, born the 19th of august 1951, embodies the definition of the word fraternity 
he loved each of the other members of queen with his whole fucking heart
the definition of fraternity is “the state or feeling of friendship and mutual support within a group” and john literally did that
the tea is that i think john would be a pure-blood
but he wouldn’t be a dick about it
but like, he’s definitely a pure-blood
and slytherins are most commonly pure-bloods
which sucks because muggle borns and half-bloods are dope af
also, john could be such a sneaky snake, don’t test me
plus, you can’t be that fucking kinky (ya know, freaky deaky if you will) and not be a slytherin
sorry, i don’t make the rules.
in summary, john is a slytherin. thank u for coming to my ted talk.
854 notes · View notes
webdesignersolutions · 7 years ago
Link
I run a hosting company which host mostly WordPress sites. As you know brute force attacks on WordPress has been a big issue for the past few years. About six months ago after I was able to block most attacks they got even stronger and harder to stop. I figured out how to block them 99% of the time which keeps my server resources down and keeps my clients sites from wasting resources.
If you run your own servers you can use the guide below to protect your clients sites.
This guide is for someone running cPanel 64 or greater with EasyApache 4. Parts of this guide will work for cPanel 58-64 and EasyApache 3 however some features may be missing.
Writing this current guide base on my current server setup. These methods may work with other platforms such as Plesk but I don’t have the environment to test.
Step One – Apache Config
The first thing I did was block ALL xmlrpc.php traffic from anyone but WordPress IPs. These IPs may changes but the list I’m currently using has been working fine for over a year.
You need to add the code below in your apache config. If you’re running cPanel you can login to WHM and search for Apache Configuration. Once you’re on that menu select Include Editor and select the All Versions drop down under Pre VirtualHost Include.
Screenshot
Add your IP address so you can access everything after you block it
This code will redirect all xmlrpc.php and wp-trackback.php to localhost aka 127.0.0.1. You may have clients that use both so make sure they’re not using the WordPress app or using Trackbacks. We decided as a company to block them because they were used for attacks more than anything and not one of our clients reported issues either. If they need xmlrpc.php or wp-trackback.php you can put them on their own server. No need to compromise your security for one client.
<FilesMatch “^(xmlrpc\.php|wp-trackback\.php)”> Order Deny,Allow Deny from all Allow from *.wordpress.com Allow from 192.0.64.0/18 Allow from 185.64.140.0/22 Allow from 2a04:fa80::/29 Allow from 76.74.255.84 Allow from 76.74.255.85 Allow from 192.0.65.204 Allow from 192.0.65.205 Allow from 192.0.80.244 Allow from 192.0.80.246 Allow from 192.0.96.247 Allow from 192.0.96.248 Allow from 192.0.123.250 Allow from xxx.xxx.xxx.xxx <—————- **ADD YOUR IP ADDRESS OR REMOVE THIS LINE** (If you don’t the config will error) Satisfy All ErrorDocument 403 http://127.0.0.1/ </FilesMatch> Step Two – Mod Security
The next step requires Mod Security to be installed. This is a free option within cPanel. Hopefully you’re running the latest cPanel 62+ which has a nice interface for Mod Security.
You can install Mod Security via EasyApache 4. Once you’re login to WHM search for EasyApache 4. Since you most likely already have a running config you can click the blue button to customize your current config. Once everything loads click Apache Modules and search for mod_security. You want to have mod_security2 and mod_security2-mlogc. (You may already have mod_security2 installed but mod_security2-mlogc is a new feature since cPanel 62+.
Screenshot
If yours shows blue and unaffected you already have both installed. If not hit next until you get to the review screen and hit provision
(If you’re running cPanel 62 it’s called modsec-sdbm-util. If you’r’re not running 62+ you can install the plugin from Kenneth Power github https://github.com/escherlat/modsec-sdbm-util)
What mod_security2-mlogc does is clean up your ModSec logs so they don’t get really large in size. I had an issue where the log file /var/cpanel/secdatadir/ip.pag would get 25GB in size and cause the server to overload.
Once you have ModSec installed you can install click the WHM icon at the top left to refresh the page. Then search for ModSecurity in the WHM search panel. Select ModSecurity™ Vendors and add / install the OWASP ModSecurity Core Rule Set V3.0 rules. (You may already have the 2.0 rules installed) Personally I’ve found the 3.0 rules to be better than the 2.0 rules. I have disabled the 2.0 rules all together.
Search for ModSecurity™ Configuration within WHM and make sure everything is turned on. I have Audit Log Level set to Only log noteworthy transactions, Connections Engine set to Process the rules, Rules Engine set to Process the rules. You can setup the other stuff as well such as Geolocation Database and Project Honey Pot if you want but I’m not going to talk about those within this guide.
Step Three – CMC
You don’t need to install this if you want to modify the files via command line or ftp but I found it’s easier using this plugin. The install instructions are pretty easy.
https://www.configserver.com/cp/cmc.html
Install instructions: https://download.configserver.com/cmc/INSTALL.txt
Once you have CMC installed you can click the WHM icon at the top left to refresh the page. Search for ConfigServer ModSec in the WHM search and select it. Scroll down to the bottom and select modsec/modsec2.user.conf under ConfigServer ModSecurity Tools and select edit.
This is the rule that will block 99% of the attacks. In the last 7 days it’s blocked over 42,5000+ attacks!
Add the following entry: (More about the other rules below – Do not add them until you read the rest of this post)
<Locationmatch “/wp-login.php”> SecRule REQUEST_METHOD “POST” “deny,status:401,id:972687,chain,msg:’wp-login request blocked, no referrer'” SecRule &HTTP_REFERER “@eq 0” </Locationmatch>
Screenshot
What this does is block any connection that doesn’t have a referrer (https://en.wikipedia.org/wiki/HTTP_referer)
Step Four- CSF
Hopefully by now you already have a firewall installed however if you don’t you need to install ConfigServer Security & Firewall.
https://configserver.com/cp/csf.html
This is another easy install.
https://download.configserver.com/csf/install.txt
Once you have CSF installed you can click the WHM icon at the top left to refresh the page. Search for firewall in the WHM search and select it. If you don’t already have it setup click Firewall Profiles under csf – ConfigServer Firewall and select one to fit your environment. I always start with protection_high and adjust some settings so if you don’t know how CSF works pick medium and apply profile. It will ask you to restart csf & lfd.
Once the page refresh select Firewall Configuration. Search for LF_MODSEC. The default should be set to 3 or 5 depending on the profile you have. You can start with 3 as you monitor the blocks however I have mine set to 1 because I don’t get anymore false positive on ModSec so if someone hits a ModSec rule once they are automatically added to the firewall block. I also have DENY_IP_LIMIT set to 5000 and DENY_TEMP_IP_LIMIT set to 1000. The limit you set depends on your servers. I could have a lot higher but feel 5000 is a good limit.
Screenshot
Screenshot
One last step is setting up ldf blocklist. You can find this on the main firewall screen (very bottom) after clicking it from the WHM search. You will find a few entries already in there by default but I added two to my list. Below is my current config for blocklist.
The two other list I added were myip.ms Latest blacklist and myip.ms user submitted blacklist. You may also not have GreenSnow Hack List depending on your CSF install.
PLEASE NOTE: You may not be able to use all of these depending on your server size. I suggest adding one or two at a time and slowly add the others over the next few days. Watch your server load and loading time of your clients sites to make sure the firewall is not slowing down your server.
Screenshot
# Spamhaus Don’t Route Or Peer List (DROP) # Details: http://www.spamhaus.org/drop/ SPAMDROP|86400|0|http://www.spamhaus.org/drop/drop.lasso # Spamhaus Extended DROP List (EDROP) # Details: http://www.spamhaus.org/drop/ SPAMEDROP|86400|0|http://www.spamhaus.org/drop/edrop.lasso # DShield.org Recommended Block List # Details: http://dshield.org DSHIELD|86400|0|http://www.dshield.org/block.txt # TOR Exit Nodes List # Set URLGET in csf.conf to use LWP as this list uses an SSL connection # Details: https://trac.torproject.org/projects/tor/wiki/doc/TorDNSExitList TOR|86400|0|https://check.torproject.org/cgi-bin/TorBulkExitList.py?ip=1.2.3.4 # Alternative TOR Exit Nodes List # Details: http://torstatus.blutmagie.de/ ALTTOR|86400|0|http://torstatus.blutmagie.de/ip_list_exit.php/Tor_ip_list_EXIT.csv # BOGON list # Details: http://www.team-cymru.org/Services/Bogons/ BOGON|86400|0|http://www.cymru.com/Documents/bogon-bn-agg.txt # Project Honey Pot Directory of Dictionary Attacker IPs # Details: http://www.projecthoneypot.org HONEYPOT|86400|0|http://www.projecthoneypot.org/list_of_ips.php?t=d&rss=1 # C.I. Army Malicious IP List # Details: http://www.ciarmy.com CIARMY|86400|0|http://www.ciarmy.com/list/ci-badguys.txt # BruteForceBlocker IP List # Details: http://danger.rulez.sk/index.php/bruteforceblocker/ BFB|86400|0|http://danger.rulez.sk/projects/bruteforceblocker/blist.php # OpenBL.org 30 day List # Set URLGET in csf.conf to use LWP as this list uses an SSL connection # Details: https://www.openbl.org OPENBL|86400|0|https://www.openbl.org/lists/base_30days.txt # MaxMind GeoIP Anonymous Proxies # Set URLGET in csf.conf to use LWP as this list uses an SSL connection # Details: https://www.maxmind.com/en/anonymous_proxies MAXMIND|86400|0|https://www.maxmind.com/en/anonymous_proxies # Blocklist.de # Set URLGET in csf.conf to use LWP as this list uses an SSL connection # Details: https://www.blocklist.de # This first list only retrieves the IP addresses added in the last hour BDE|3600|0|https://api.blocklist.de/getlast.php?time=3600 # This second list retrieves all the IP addresses added in the last 48 hours # and is usually a very large list (over 10000 entries), so be sure that you # have the resources available to use it #BDEALL|86400|0|http://lists.blocklist.de/lists/all.txt # Stop Forum Spam # Details: http://www.stopforumspam.com/downloads/ # Many of the lists available contain a vast number of IP addresses so special # care needs to be made when selecting from their lists #STOPFORUMSPAM|86400|0|http://www.stopforumspam.com/downloads/listed_ip_1.zip # GreenSnow Hack List # Details: https://greensnow.co GREENSNOW|3600|0|http://blocklist.greensnow.co/greensnow.txt # myip.ms Latest blacklist # Set URLGET in csf.conf to use LWP as this list uses an SSL connection # Details: https://myip.ms/browse/blacklist/Blacklist_IP_Blacklist_IP_Addresses_Live_Database_Real-time MYIPMSBLACKLIST|86400|0|https://myip.ms/files/blacklist/csf/latest_blacklist.txt # myip.ms user submitted blacklist # Set URLGET in csf.conf to use LWP as this list uses an SSL connection # Details: https://myip.ms/browse/blacklist/1/usrs/0/Yes_Blacklist_IP_Addresses_Live.html MYIPMSUSERS|86400|0|https://myip.ms/files/blacklist/csf/latest_blacklist_users_submitted.txt
After you have made the changes above hit change and restart csf & lfd.
Bonus – modsec2.user.conf Bad Bots
We had a lot of issues with Baidu and Yandex using a lot of resources on clients sites so we decided to block them all together. We also have a bad bot list we put together from resources online which you can block via ModSec.
First thing you want to do is create a file badbotlist.txt under /etc/apache2/conf.d/modsec/ or on your computer and upload to /etc/apache2/conf.d/modsec/.
Add the text from this document into your file.
ModSec Bad Bots List: https://docs.google.com/document/d/1SjtAywpkLR6dX0Va_tKgpdMxAIOsHTf_xcMaQ5XK6no/edit?usp=sharing
Once you have the file add this to your modsec/modsec2.user.conf (You can do this via ConfigServer ModSecurity Control)
SecRule REQUEST_HEADERS:User-Agent “@pmFromFile badbotlist.txt” “id:350001,rev:1,severity:2,log,msg:’BAD BOT – Detected and Blocked. ‘”
Hit change / restart CSF & LFD
Bonus – modsec2.user.conf xmlrpc.php
While xmlrpc.php is getting blocked via Apache Config I noticed some slipping though if the attacker is trying to break into /blog/xmlrpc.php
Adding this code below will stop those attacks.
<Locationmatch “/xmlrpc.php”> SecRule REQUEST_METHOD “POST” “deny,status:401,id:48658231,chain,msg:’xmlrpc request blocked, no referrer'” SecRule &HTTP_REFERER “@eq 0” </Locationmatch> Bonus – Extra Modsec Rules
I also noticed some attackers trying to exploit by doing // in front to get by the main block those.
SecRule QUERY_STRING “//” “redirect:http://127.0.0.1,id:2894326” Bonus – Comodo ModSec
Comodo has a nice set of ModSec rules that you can add via ModSecurity™ Vendors inside WHM.
Here is a guide on install those rules.
https://help.comodo.com/topic-212-1-670-8350-.html
Bonus – Cloudflare Page Rules
Cloudflare allows you to use three page rules for free. If you have a client that is still getting a lot of attacks I highly suggest putting them on Cloudflare. Here is a guide how to setup the page rules.
After you have the site added to cloudflare and the name servers changed / verified. Go to Page Rules.
Cloudflare allows you to have three page rules for free. If you need more it’s only 5 dollars for 5 more.
These are the three that i’m using to block most attacks via cloudflare.
Create a rule with the following matches.
First rule
(This rule is only for a bot or someone visiting wp-login.php and not the rest of your site)
URL Matches: yourclientsdomain.com/wp-login.php
First setting: Browser Integrity Check – On (Documentation)
Second setting: Security level – I’m under attack. (Documentation)
Screenshot
Second rule
(This rule is only for a bot or someone visiting /wp-admin and not the rest of your site – Kind of redundant since wp-admin redirects to wp-login.php but saves a php process redirecting)
URL Matches: yourclientsdomain.com/wp-admin
First setting: Browser Integrity Check – On (Documentation)
Second setting: Security level – I’m under attack. (Documentation)
Screenshot
Third rule
(This rule is only for a bot or someone visiting xmlrpc.php and not the rest of your site)
URL Matches: yourclientsdomain.com/xmlrpc.php
First setting: Browser Integrity Check – On (Documentation)
Second setting: Security level – I’m under attack. (Documentation)
Screenshot
If this client has their own server because they use xmlrpc.php change security level to high. This will still block most bots and allow WordPress Android, iPhone, and Windows app to work. If not, you can just keep it as I’m under attack.
Screenshot
Final Steps
Monitor your ModSec Hit List by searching for ModSecurity™ Tools under WHM. Search and monitor the IPs getting blocked in the firewall to make sure legit traffic isn’t getting blocked.
You can view the original post with images at the following sites.
https://troyglancy.com/stopped-wordpress-brute-force-attacks-server
https://medium.com/@troyglancy/how-i-stopped-wordpress-brute-force-attacks-b8ad8bbd2081
Submitted August 03, 2017 at 07:44PM by messyentrepreneur https://www.reddit.com/r/webhosting/comments/6rhmvy/how_i_stopped_wordpress_brute_force_attacks/?utm_source=ifttt
from Blogger http://webdesignersolutions1.blogspot.com/2017/08/how-i-stopped-wordpress-brute-force.html via IFTTT
0 notes
avarkriss · 3 years ago
Text
IF ANYONE NEEDS ME I WILL BE SOBBING
7 notes · View notes