This month we have two new IP blacklist slightly different from the lists we have published before: TOP100-LATEST-IP and TOP100-1D-IP. These new lists are the result of our BigData crunching processes over the hundreds thousands of IP addresses analyzed every day. You can visually see it on our IP addresses Blacklist Ranking page updated every hour.
Blocking 500 million users is a serious thing. Still, I have found sites that have decided to implement the most secure way to comply with the new GDPR: Block all EU users! Yes, it’s hard to believe that somebody takes such a drastic decision, but it’s happening. Trying to walk in the shoes of these GDPR Taliban, I realized that I wrote just a few days ago how to block all the traffic coming from one or more continents with Cloudflare Workers and Apility API! So, I realized that I have just created the most simple and powerful tool to be 100% GDPR compliant! No Europeans? No problem anymore!
In a previous article, we explained how to pass as a header attribute the blacklists to which an IP belongs thanks to the capabilities of the Cloudflare Workers. In this article, the traffic never was redirected in the event of a malicious IP address, delegating that responsibility to the developers checking the content of the HTTP header. This is valid for those who have full control over the server-side code, but for those who only use Wordpress or Drupal tools they could not use the script.
Here comes a good bunch of more malicious IP addresses lists into our databases. Here goes the details of the new IP Blacklist of April 2018: BOTSCOUT, TEAMCYRU-BOGONS, TOR-BLUTMAGIE, BLOCKLISTNET-UA, BITNODES-IO, BLOCKCHAIN-INFO, BBCAN117, IANA-BOGONS, ALIENTVAULT.
If you have a SaaS service or you manage the registration system in a forum I am sure you are familiar with this problem: A user registers for the first time in your service, and for some reason decides to create not one, but multiple accounts. When he has consumed the trial period of one account, then he consumes the credit of the other accounts he created. This is the case for Automatic IP address quarantine.
When a cybersecurity expert performs threat intel work, he or she needs to contrast information from different sources to obtain the most detailed picture possible of the scenario he or she is investigating. One of these fundamental tools is the WHOIS service offered by the Regional Internet Registries (RIRs)…
We incorporate a new domain blacklist: SQUIDBLACKLIST. Squidblacklist.org is a service for network administrators the highest quality domain blacklists available for effective, targeted inline filtering leveraging various content control applications and platforms, including Squid Proxy.
We have been incorporating more malicious IP addresses lists into our databases. Here goes the details of the new IP Blacklist of March 2018: BRUTEFORCEBLOCKER, SSLBL, UCEPROTECT and ZEUS.
In this madness that is the evolution of Cloud Computing services without a doubt the newest and coolest thing are Serverless computing services. In this new paradigm mode of consumption of computing resources, we no longer have servers, underlying operating system, file system, or even system administrators. Welcome to the No-Ops world! Cloudflare offers us a new serverless computing service called Cloudflare Workers that fulfills all these characteristics and many more.
Every day Apility.io’s scraping services analyze almost a hundred black and blocking lists distributed throughout the network. Between IP addresses, email and domains resource the number of active resources in our database fluctuate between 3 and 4 million items. Although this number of items is easily manageable with today’s technology, when we talk about the number of transactions carried out in the system, the numbers skyrocket.
UDGER.com is a leader in the detection browsers, mobiles, tablets, Smart TV .., also provides info about IP addresses (proxies, VPN, Tor exit nodes ..). Since 2005 the Udger team provides services to detect of user agent strings. This project was called user-agent-string.info and was until 2014 freely available. During 2014 they extended the reach of their components and created Udger.com. The company updates their database several times a day to detect more strings.
When a developer wants to know the location of an IP individually, the Apility.io Geolocation API is able to return the information in hundredths of a second. This behavior is perfect if you want to integrate the service within applications that make requests along with other logic such as web applications or apps. However, for applications that perform massive data processing, it is not feasible to make a request to the server every time a developer wants to know the geolocation of an IP address. In this case, the Bulk GeoIP Lookup service in the geolocation API comes to rescue!
All those of us who develop SaaS services know how important it is to attract the maximum number of users to our platforms so that they can test them, get to know them, become familiar with them and thus be able to start the conversion process from user to customer with some gained ground. Even letting some bad customers sign up.
Starting tomorrow, January 31st, the API endpoints that were running the services of Moocher.io will be permanently disabled and all the users who are still using the endpoint in api.moocher.io will have to change it to api.apility.net. The capabilities of these services will not be reduced, on the contrary in Apility.io all services have been significantly improved and increased.
A web application firewall (WAF) is an application firewall for HTTP applications. It applies a set of rules to an HTTP conversation. Generally, these rules cover common attacks vectors. While proxies generally protect clients, WAFs protect servers. Hence, a WAF protects a specific web application or set of web applications. Engineers consider a WAF a reverse proxy. WAFs may come in different forms, and the effort to perform this customization can be significant and as the application changes.
The services offered by our API are like a digital Swiss Army Knife. They can always help you find a way to solve a problem or implement a solution in your applications. For example, the Email Scoring service can be used to perform bulk Email Verification and Validation. Email verification determines whether or not an email address is fully valid and deliverable. The process involves a deep analysis of each email, and this is what the Email Scoring service does.
Cryptocurrencies are a new digital asset designed to work as an exchange method that uses cryptography to secure transactions. Bitcoin, Ether, Litecoin are some of them and they are becoming more and more popular. It is no longer a world for hackers and professional investors. Ethereum is
In Apiity.io we think that the world of software development is changing. Because it is moving increasingly over models where the server and the operating system don’t have a major role. This movement towards the concept of pure development and focus on core competencies increasingly shifts more responsibility to the developers.