Wordfence is awesome

I’m not affiliated with Wordfence in any way, but if you use WordPress it’s just stupid not to use at the very least their free product. In addition to protecting your shit, it also gives you interesting IPs that are (IMO) fair game to poke around at, like so:

[Image: IP addresses of attackers by country, with a count of attacks. Spain has 21; the next highest is Ukraine with 14.]
Caption: Wow, what happened Spain? I thought we were cool.

I’ve found a bunch of interesting vulnerabilities on boxes that come up in this list. I would usually try to report to the owner or try to dispose of the malware if I can get in and do it myself. Pretty sure that’s illegal though, so I’m purely speaking in the hypothetical here.

Zip Bombs

If, like me, you get a constant bombardment of drones probing your site for vulns, how can you fight back?

Check out David Fifield’s hot zip bomb: https://www.bamsoftware.com/hacks/zipbomb/

WARNING: do not unzip the fucking zip file pointed at below unless you’re in a VM. You can actually damage your filesystem beyond repair. I don’t wanna be responsible for that shit.

This is pretty hilarious if you can get some malware to find and scan your file, say, by adding a disallow in your robots.txt with something that looks too-good-to-be-true.

I’ll report back with how successful this actually is. There’s a neat article here: https://blog.haschek.at/2017/how-to-defend-your-website-with-zip-bombs.html that describes a gzip use case that would definitely be more effective, but ATM I have no time to implement it. I would love to though.
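
For the warning above about unzipping, here is an added example (not from the original post or the linked pages) that sizes up a zip from its central directory alone, without decompressing anything, and flags the overlapping-entry layout that Fifield's construction relies on. The thresholds MAX_TOTAL and MAX_RATIO and the in-memory sample are assumptions made for the illustration.

```python
import io
import zipfile

MAX_TOTAL = 100 * 1024 * 1024  # assumed budget for declared uncompressed bytes
MAX_RATIO = 200                # assumed ceiling for uncompressed:compressed

def find_overlaps(entries):
    """Return (earlier, later) name pairs whose stored byte ranges overlap."""
    hits, reach, owner = [], -1, None
    for e in sorted(entries, key=lambda e: e.header_offset):
        if e.header_offset < reach:
            hits.append((owner, e.filename))
        # Lower bound on the record's end: 30-byte fixed local header, the
        # name (character count), then the compressed data (extra ignored).
        end = e.header_offset + 30 + len(e.filename) + e.compress_size
        if end > reach:
            reach, owner = end, e.filename
    return hits

def inspect_zip(source):
    """Read only the central directory; no member is decompressed."""
    with zipfile.ZipFile(source) as zf:
        infos = zf.infolist()
    total = sum(i.file_size for i in infos)
    packed = sum(i.compress_size for i in infos)
    ratio = total / packed if packed else (float("inf") if total else 0.0)
    overlaps = find_overlaps(infos)
    return {
        "entries": len(infos),
        "declared_bytes": total,
        "ratio": ratio,
        "overlaps": overlaps,
        "safe": total <= MAX_TOTAL and ratio <= MAX_RATIO and not overlaps,
    }

def build_sample():
    """Constructed, harmless sample: two 1 MiB members of zero bytes."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as zf:
        zf.writestr("a.bin", bytes(1 << 20))
        zf.writestr("b.bin", bytes(1 << 20))
    buf.seek(0)
    return buf

if __name__ == "__main__":
    print(inspect_zip(build_sample()))
```

The sizes in the central directory are written by whoever built the archive, so a pass here is only a pre-filter; still cap the bytes actually read when extracting.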