Plugin / IP Threat Blocker by Musubu

Description

Musubu’s IP Threat Blocker for WordPress leverages the full power of Musubu API to dynamically screen incoming IP addresses to your website for cybersecurity threat ratings, threat types, countries and networks of origin allowing the user to automatically (“set it and forget it”) or manually block IPs by threat score, type, or country.

Simply put, our plugin is the easiest way to avoid a hack or breach without having to know anything about cybersecurity. Website owners can just install our plugin, then set it to automatically block IPs observed and associated with high-threat cybercrime vectors, such as Ransomware, Bots, Phishing, Spam, TOR, malware, and dozens of more exploit types.

Stop cyber threats at the door before they can do damage to your site, data, customers, customer data, or eCommerce revenues. Musubu’s IP Threat Blocker for WordPress allows for easy blocking or unblocking of IPs with simple-to-use controls and also connects directly (and free) to MusubuApp, the leading IP & Network Threat Intelligence Web Portal for researching or drilling into more details on any given IP address.

Musubu is different in that it provides highly-enriched information and scoring algorithms designed to give you a sense of real threats posed by a network. It’s not a simple threat aggregation engine matching IP addresses like many of the solutions available today but is focused on the network of origin “in context” as well as what threat is posed by the entire subnet and broader environment of origin.

Our plugin uses the following API results to perform effective blocking:

threat_potential_score_pct – Numeric threat score between 0-100. The Score is calculated using “blacklist class”, “blacklist neighbors,” number of recent observations and country of origin.

threat_classification – Classification derived from “threat potential score pct”

High – Threat score >70
Medium – Threat score from >40 but <70
Nuisance – Threat score <40
Low – Any IP unlisted with a threat score <20

Blacklist_class (i.e., “Severity of Threat Types”) – Field classifying the specific threat vector that has been identified. Contains one of the following values: apache, blacklisted, botnet, botnetcnc, brute force, compromised, ftp, http, imap, mail, malware, phishing, ransomware, shunned, sips, ssh, TOR, worm, zeus

Blacklist_class_cnt (i.e., “Total No. of Distinct Threat Classes”) – Field providing the number of sources which have identified the address as malicious.

Blacklist_network_neighbors (i.e., “Similar Subnet Threats”) – Field providing the number of addresses present on the same subnet which have been identified as malicious.

Blacklist_observations (i.e., “Total Subnet Threat Volume”) – Field providing the number of observations (of this IP) in the last 90 days.

PS: You’ll need a musubu.co API key to use it live on your site. Paid subscriptions are available for businesses, personal, and commercial sites here at https://musubu.co/integrations or at https://wpthreat.co.