Brute force attackers IP address list

Hacker bots are continuously poking my sites looking for vulnerabilities:

Site lockout notification

For an additional layer of protection I'm constantly adding offending addresses into a hosting-wide block list:

deny from 196.251.72.213

If a subnet xxx.yyy.*.* is encountered more than three times, I'm blocking it entirely:

deny from xxx.yyy.0.0/16

The list is an Apache config-file and also contains exclusions for the most popular file targets and Cloudflare addresses:

<Files "*">
order allow,deny
allow from all
deny from xxx.yyy.zzz.qqq
...
#Cloudflare
allow from 103.21.244.0/22
...
</Files>
<Files "xmlrpc.php">
order deny,allow
deny from all
</Files>
<Files "wp-config-sample.php">
order deny,allow
deny from all
</Files>

Since this list has more than three thousand records already, it could be useful for the wider public. Download available without registration and updated weekly: blocked-ips.conf

Rating: 
Tags: 
Brute Force
Ip address list
Brute force protection
Hacker address list
Attack protection
[email protected]