Summary:
Please integrate with abuseipdb.com so any login request (client side or admin side) will be check by abuseipdb and also automatically report suspicious IP addresses to them
The full request:
As anyone who has maintained a website or server knows, the entire Internet is being continually scanned and subjected to malicious attacks attempts , which are being carried out en-masse by hackers, spammers, and other bad actors from around the world. These actors use automated software to scan and attack millions of targets twenty-four hours a day - often originating from IP addresses associated with shady hosting companies, botnets, hacked servers, or other machines otherwise controlled by hackers.
While these wide-ranging attacks help hackers raise their chances of finding a vulnerable target to exploit, they also provide the opportunity for webmasters and systems administrators to share their system logs and proactively detect and mitigate attacks coming from IP addresses that are known to be associated with malicious activity.
That's our mission at AbuseIPDB - to provide an easy way for sysadmins to both report malicious IP addresses, and gain access to a crowdsourced list of bad IPs before they've even had the chance to attack your infrastructure.
Please integrate with abuseipdb.com so any login request (client side or admin side) will be check by abuseipdb and only if the IP is clean allow the login attempt (so any SQL Injection and other attacks will be automatically blocked even before trying to send the malicious code.
Also any IP addresses added to the Banned IPs list with a clear indication that this is an hacking / SQL Injection attempt should be automatically report to abuseipdb immediately.
This could work with this feature request as well:
https://requests.whmcs.com/idea/automatically-add-ip-addresses-that-an-sql-injection-attack-originate-from-to-the-banned-ips-list-with-no-expire-date This is the relevant abuseipdb API:
https://www.abuseipdb.com/api.htmlAnd also:
https://docs.abuseipdb.com/#introductionPlease add such feature and make WHMCS more secured.
Thanks
Ram
2 Comments
Login to post a comment.