[Defender] Submit Abuse Reports from Defender IP Lockouts

It would be pretty cool if I could automatically or even manually report bad IP addresses which Defender has locked out to one of the online abuse databases, it would be even better if I could look them up on that database before I submit them.

I know that might not be possible, but it'd still be cool.

  • Adam Czajczyk
    • Support Gorilla

    Hey Guy

    I hope you're well today!

    Just to make sure that I correctly understand the idea:

    you would want to get some additional buttons in Defender lockout logs for each locked IP that would 1) provide some sort of more detailed report on that specific IP based on various online blacklists/abuse lists sources and 2) that would let you submit such IP to these lists.

    Is that correct? Are there any specific lists that you have in mind/would want to suggests?

    Best regards,

    • Guy
      • n00bl0rd

      Hi Adam Czajczyk !

      I'm good thank you!

      I use abuseipdb.com to verify the validity of locked out IPs to make sure I'm not blocking important bots or crawlers. So at the minute I'm manually copy/pasting the IPs to see if they've been reported and individually reporting IPs which have port-scanned or brute-force attempted my WP installations.

      It would be good if Defender could do both 1) & 2) of your reply, however, I understand this might require quite a bit of work to implement and would need to be done in conjunction with one of these types of database.

  • Predrag Dubajic
    • Support

    Hi Guy and thanks for the additional info on this.

    This certainly sounds like an interesting integration, and maybe a quite complex one, but that would be more on devs to investigate, so I have passed your request over to them for further discussion :slight_smile:

    Thanks for your suggestion!

    Best regards,

Thank NAME, for their help.

Let NAME know exactly why they deserved these points.

Gift a custom amount of points.