This morning I was surprised to see that a spammer had apparently breached my WordPress anti-spambot gauntlet. What does this mean in English, you ask? A potential hacker actually succeeded in registering an account on MT.Net, from which he could potentially attack my website.
At first I thought a bot had solved my CAPTCHA challenge, but after looking at the log entries it does not appear that this was an automated attack. Some dumb schmuck actually typed in the code by hand. That’s what most visitors to my website do, but most people don’t do it using email and IP addresses associated with hackers.
I’ve since turned on SABRE’s RBL lookup tests. This will automatically check the incoming IP against a list of suspect addresses. If there’s a match, the rogue visitor get automatically booted before he even begins.
It’s not perfect security, but one part of many defenses needed to protect a website.