from Nerdsense

What a year! As most of you know, I am new to writing and hosting blogs/webpages. I have learned quite a bit, and today I'll talk about some of the security-related events and blocks that have happened over the last year. The IP addresses I will be talking about and referencing today are IPs that I have logs for that have positively tried to either scan, harm, or interact with my webpage in a way that was not intended for the original use or function of the webpage.


WAF

You've heard me talk about a Web Application Firewall or "WAF" before. A WAF is a security measure that sits in front of your webpage and filters out bad traffic. I use Cloudflare's WAF service, which is free. You can check out how I secure it at this blog here. I use a tool called Fail2Ban on my server that further filters events or actions to a "jail" or block list that I then upload to Cloudflare if they meet certain criteria. I block the IP at the WAF level (Cloudflare) so that in the case this IP tries to visit my site again it gets blocked without ever reaching my network.


Who is trying to access my site?

Looking through the logs really opened my eyes to the number of people, companies, and bots that are always online legitimately scanning and indexing webpages. Some of them are 100% legitimate and are needed. Think of changes to a website for sales or different changes to articles or live updates that people may have alerts set up for. These indexes and scans are crucial for some people and businesses. It's hard to tell the difference between a good bot and a bad bot sometimes.

Some of the IPs that I have blocked are from well-known companies like Microsoft, Google, Amazon, and Cloudflare itself. These companies have massive networks and IP ranges that they use for different services. Unfortunately, some of these IPs are used for nefarious purposes as well. People can rent or lease servers from some of these companies, and while these hosting companies do in fact do a great job at policing bad actors, some do slip through the cracks.


Above is a chart of the top visitors that have been blocked from accessing my webpage over the last year and then filtered by top abuse reports. The format is IP address followed by the number of abuse reports for that IP in parentheses. The full list of blocked IPs is quite long, and if you would like to see it please reach out to me via the contact link above. What you can see is that there are a lot of IPs that have tried to access my page in ways that were not intended and were positively blocked that turned out to be IPs that have hundreds and even in some cases thousands of other abuse reports associated with them. Blocking these IPs has helped keep my webpage safe and secure. To get the info behind the abuse reports I use a service provided by AbuseIPDB that allows you to do bulk lookups of IP addresses to see if they have been reported for bad activity. I highly recommend checking it out if you are interested in learning more about IP reputation.
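The workflow described in this post (Fail2Ban bans, then a ranking by abuse reports in the "IP (reports)" format) can be sketched as follows. This is an added example, not the author's own tooling: the log lines, jail names, report counts, the `NEVER_BLOCK` networks and the `min_reports` threshold are all constructed assumptions, and the report counts stand in for whatever a reputation lookup returns.

```python
import ipaddress
import re
from collections import Counter

# Constructed sample in fail2ban.log layout; jails and IPs are made up (RFC 5737 ranges).
SAMPLE_LOG = """\
2025-03-14 08:12:45,101 fail2ban.filter         [812]: INFO    [nginx-botsearch] Found 203.0.113.7 - 2025-03-14 08:12:44
2025-03-14 08:12:46,210 fail2ban.actions        [812]: NOTICE  [nginx-botsearch] Ban 203.0.113.7
2025-03-14 09:30:02,554 fail2ban.actions        [812]: NOTICE  [nginx-http-auth] Ban 198.51.100.23
2025-03-14 18:12:46,377 fail2ban.actions        [812]: NOTICE  [nginx-botsearch] Unban 203.0.113.7
2025-03-15 02:41:19,008 fail2ban.actions        [812]: NOTICE  [nginx-botsearch] Ban 203.0.113.7
2025-03-15 03:05:51,640 fail2ban.actions        [812]: NOTICE  [nginx-botsearch] Ban 10.0.0.15
2025-03-15 04:44:10,912 fail2ban.actions        [812]: NOTICE  [nginx-http-auth] Ban 192.0.2.200
"""

# Constructed report counts standing in for the results of a reputation lookup.
SAMPLE_REPORTS = {"203.0.113.7": 1842, "198.51.100.23": 12, "192.0.2.200": 467}

# Networks that must never reach the WAF block list (assumed: own LAN and loopback).
NEVER_BLOCK = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "127.0.0.0/8")]

# Matches only "Ban" action lines; "Found" and "Unban" lines do not match.
BAN_RE = re.compile(r"NOTICE[ \t]+\[[^\]\n]+\][ \t]+Ban[ \t]+(\S+)[ \t]*$", re.M)


def banned_ips(log_text):
    """Count Ban events per IP, skipping invalid addresses and protected networks."""
    bans = Counter()
    for m in BAN_RE.finditer(log_text):
        try:
            ip = ipaddress.ip_address(m.group(1))
        except ValueError:
            continue  # not a valid address: never block on garbage input
        if any(ip in net for net in NEVER_BLOCK):
            continue  # guard against locking yourself out
        bans[str(ip)] += 1
    return bans


def rank_by_reports(bans, reports, min_reports=100):
    """Return 'IP (reports)' strings, most-reported first, at or above the threshold."""
    rows = [(ip, reports.get(ip, 0)) for ip in bans if reports.get(ip, 0) >= min_reports]
    rows.sort(key=lambda r: (-r[1], r[0]))
    return [f"{ip} ({count})" for ip, count in rows]


if __name__ == "__main__":
    for row in rank_by_reports(banned_ips(SAMPLE_LOG), SAMPLE_REPORTS):
        print(row)
```

The `NEVER_BLOCK` check matters when a block list is uploaded automatically: a ban triggered from your own network should not end up locking you out at the WAF.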

What can you do?

There is nothing you can do to stop scans. What you can do is make sure you have proper security measures in place to help mitigate the risk of a bad actor being successful with any information they may find. Here are some tips to help keep your webpage safe:

  • Use a WAF (Web Application Firewall) like Cloudflare
  • Keep your software up to date
  • Use strong passwords and 2FA (Two Factor Authentication)
  • Regularly review your logs for suspicious activity
  • Implement rate limiting to prevent brute force attacks

Conclusion

2025 has been a great year for learning and growing my skills in web security. By implementing a WAF and regularly reviewing my logs, I've been able to keep my webpage safe from numerous threats. The data I've gathered from blocked IPs has provided valuable insights into the types of threats that exist online. As I continue to enhance my webpage's security, I look forward to sharing more insights and tips in the coming year. I really appreciate all the people who have read these blogs and reached out with questions or comments. I'm excited to keep writing these and am thankful for each and every one of you.

Stay safe online!