48 hours ago we deployed our commercial real-time threat intelligence automatically, and for free, to all Ukrainian websites with the .UA top-level domain. That has made over 8,000 sites in Ukraine using the free version of Wordfence significantly more secure.
At noon-UTC on March 2nd, those sites started updating from our servers and receiving our IP blocklist. As known malicious IP addresses tried to access these sites, they were blocked. The number of blocks per hour ramped up from a range of less than 200, to around 10,000 blocked requests per hour, or about a quarter-million blocked requests from known malicious IPs per day, targeting Ukraine websites.
We have also, effective immediately, blocked Russian government websites from using Wordfence. Those sites will continue to have Wordfence installed and will function normally, but they will no longer receive any threat intelligence from our servers. That means they will no longer receive firewall rules, malware signatures, a list of IPs currently engaged in brute-force attacks, or our IP blocklist. We are not taking any action against non-government websites in Russia as we do not want to affect civilians.
Wordfence will continue to use our technology to assist the people of Ukraine in defending their nation.
This article originally appeared on the Wordfence Blog. Read the rest here: https://www.wordfence.com/blog/2022/03/ukraine-10000-requests-per-hour-blocked-by-wordfence/