Mass Import IP Blacklist From TXT

  • Resolved oliverkardos

    (@oliverkardos)


    3 years ago

    Hello!
    I have a list of IP addresses that I need to add to WordFence’s Blacklist in an efficient manner.

    I know I could add them one by one, but since I have more than 600 IPv4 addresses, it doesn’t seem to be time-effective to add them individually.

    I checked the database to see if I could add it directly there but they are stored in a hashed manner that I am not yet able to reproduce.

    How does one add 600 IP addresses into WordFence’s IP Blacklist? In other security plugins such as AIOWPS, there is a textarea where you can just copy paste them. I know, from a security perspective, that WordFence’s oversecured approach is a better approach but still I am unable to switch to WordFence until I sort this out.

    Thank you!

Viewing 2 replies - 1 through 2 (of 2 total)
  • Plugin Support wfpeter

    (@wfpeter)

    Hi @oliverkardos, thanks for dropping us a message about this.

    Wordfence does have an export for IPs you have blocked, but currently no import. This is because Wordfence references extensive IP blocklists that our team check and maintain so that our customers don’t need to employ a similar time-consuming strategy themselves. IPs that may appear appropriate for blocking won’t necessarily be that way forever, which you probably know, but I like to ensure topics are good sources of information should anybody else find this during a search.

    I will say that 600 is a lot of IPs to block manually and can in some cases decrease performance, so I’d first recommend checking if any of those are in wider ranges that can be blocked instead.

    If you do still wish to import them yourself, the IP addresses are stored in IPv4-mapped IPv6 format. Within MySQL, you can get the right format using inet6_aton() like: inet6_aton('::ffff:127.0.0.1'). The ::ffff: is what allows IPv4 addresses to be stored in the same table as IPv6 addresses.

    You can also read IPs back from the table using a query like SELECT inet6_ntoa(ip) FROM wp_wfblocks7 WHERE... to confirm that an import worked. However, as we can’t support all custom actions and scripts people may wish to perform on WordPress/Wordfence, remember to take a backup of your tables beforehand in case something goes wrong.

    Thanks,

    Peter.

    Thread Starter oliverkardos

    (@oliverkardos)

    Hello Peter!

    Thank you so much for your prompt reply!

    I was able to solve it thanks to your super instructions! I was combing through WordFence’s PHP source files trying to determine how the adding logic worked and even though I found this inet6_aton() method, it never occured to me that I needed to add ::ffff: to the beginning of the IPv4 address. But surely this is an efficient way of storing data as now I can see that you are able to store both IPv4 and IPv6 addresses in the same table, reducing the number of lookup queries. Smart!

    You’re also right that 600 IPs in a list is just too much. I am working on determining ranges and patterns and by that, I think will be able to reduce this to about 80. Many of them can be converted into ranges, and actually I can replace some of them with a country-level block.
    Still, 80 IPs is more than what is convenient to type in by hand. So I will use this manual query to insert them into the DB.

    I ask you to please consider adding an IP list import option. In my opinion it would make the life of new users easier, who could be migrating from other security plugins. And it is not just IP addresses but IP ranges, too, that would be great to import on a nice graphical interface. I am willing to do it in SQL but not everyone will be. Please consider that ??

Viewing 2 replies - 1 through 2 (of 2 total)
  • The topic ‘Mass Import IP Blacklist From TXT’ is closed to new replies.

Tags