Blacklisting sounds like an intimidating “tech speak” word for some mysterious process, but it’s really just a way to refer to excluding suspicious connections to your server. Computers that are known to engage in dangerous activities like phishing, spamming, or DDOS attacks are identified and added to a list and any further connection attempts from that computer are rejected. Since computers identify each other over the Internet based on their IP address, the blacklists that are most important for server security are IP blacklists. Nexcess uses a system based on Real Time IP Blacklisting to keep your website and data as safe as possible.
How Nexcess Blacklists Operate
Nexcess uses two main approaches to blacklisting to keep your website safe: greylisting and advanced threat detection.
Greylisting
Our security system constantly monitors the incoming requests to our network. When malformed or excessive requests are detected, the system compares the incoming requests against “bots” or programs that are known to be involved in abusive activities. If incoming requests match these patterns, our system will quarantine requests from that source for a brief period of time. If the requests persist or become obviously abusive, the source will then be blacklisted permanently.
Advanced Threat Detection
Nexcess utilizes a broad array of public sources to identify known sources of suspicious activity. Servers that use IP addresses on these lists will be blacklisted until the source IP has been proven safe.
Types of Threats/Attacks
Nexcess protects all of our customers from a host of abusive practices designed to slow down your website or gain access to your data. Our Real Time Protection will guard you against
-
Web-based Brute Force Attacks
-
Undesirable web crawlers/scrapers
-
Email harvesters
-
Comment/Discussion spam
-
Vulnerability Scanners
-
Compromised Web Hosts
-
Command and Control (C&C) bot networks
-
MaxMind bad-actor fraud networks
-
Cisco Talos known malicious networks
Protect Yourself Even More
While we are constantly monitoring and protecting our network and your server, there are additional steps you can take to help protect your website and data. See these articles to help improve your security and protect your business.