Support

Hello Markus,

No. I have personally explained why in more than two dozen support tickets. Long story cut short: if you are manually blacklisting IP addresses you are doing it wrong. The correct way to deal with these issues is two-fold:

1. Set up the automatic IP blocking in Admin Tools and let it handle the IP block by itself.
2. If you want to prevent repeated attacks from the same IP without bringing your server to its knees ask your host to install and configure Fail2Ban. Since Admin Tools blocks an attacker with an HTTP 403 response (albeit with a big CPU cost since it's a PHP process running in your web server) and any further requests from that IP also result in HTTP 403 Fail2Ban will "see" that in the log and auto-block this IP at the server level. This is over a thousand times more efficient than blocking an IP at the web application (Joomla!) level. The downside is that you need cooperation from your host or a managed server to set this up!

Furthermore, the main reason we do not implement a cross-site IP blacklist is that the API to share the blacklist could in itself be used to attack your site with a Denial of Service attack, blacklisting your IP. Protecting the endpoint sufficiently would be CPU intensive and could be used as another denial of service target (pound it hard until the server croaks from the CPU load). Furthermore you start having concurrency issues, MySQL tables crashing, locked tables increasing your page load time etc. It would be a TERRIBLE idea to implement it with exactly zero security benefits. We've done the hard analysis for you, we know just how futile this is. Trust us.