Spamhaus SBL/XBL Blacklist Site Protection
This is a simple plugin for Joomla 2.5.x and 3.x that will query the Spamhaus SBL/XBL database to see if your visitor's IP is listed. If they are, it will block them with a message letting them know why they are not allowed in the site and provide them a link to see WHY they were listed. That link also allows the opportunity to de-list themselves as well as provide instructions on how to clean up their system/network.
People listed in this database are typically either willfully spamming or have been infected with some sort of botnet. It rarely has false positives!
This is NOT meant to provide junk mail/form spamming behavior blocking, this will prevent someone who is listed from even ENTERING the site to begin with.
Since I've implemented this on several of my own client's site we've noticed a massive reduction of brute force login attempts, fake registrations and people trying to run exploits to hack Joomla and that is because this is a System level plugin that executes before components, modules and before the page renders. This means they won't even be able to scan your site for things to exploit!
If you find yourself accidentally blocked from your own site, create a file called spamhausletmein.txt in your main Joomla installation folder and then immediately go to the plugin settings and add yourself to the whitelist parameter and then delete the spamhausletmein.txt file upon completion!
It is also recommended for maximum effectiveness that you order this plugin as #1 in the plugin manager.
Documentation is included in the plugin description once installed, you can read it for a full description of all settings and what they do before activating!
Operates quickly using simple DNS queries
Logs entries to spamhaus_log.text in your main Joomla installation folder ( logs blocks and whitelist exemptions )
Provides a failsafe method incase you're locked out of your own site
Whitelist by IP functionality.. you can add
multiple ip's separated by commas
Options to log blocked connections, whitelisted connections and failsafe connections
Option to enable protection can for the front-end and/or back-end administration
Supports Joomla's 1-click update system
Please note: I am in NO way associated with the Spamhaus project, I just decided to write this because on one of the servers I manage, I'm running mod_spamhaus and found it to be extremely effective. I decided to put this together on servers where I can't enable that Apache module.