duggytuxy / Data-Shield_IPv4_Blocklist

Website   •   Issues Tracker   •   SysWarden   •   Linkedin   •   TryHackMe   •   Ko-Fi Data‑Shield IPv4 Blocklist Community **The Data-Shield IPv4 Blocklist Community** provides an official, curated registry of IPv4 addresses identified as malicious. Updated continuously, this resource offers vital threat intelligence to bolster your **Firewall** and **WAF** instances, delivering a robust, additional layer of security for your infrastructure. Key Features & Benefits • **Proactive Defense & Reduced Attack Surface** The Data-Shield IPv4 Blocklist Community Community serves as an essential protective layer for your exposed assets (Web Apps, WordPress, Websites, VPS with Apache, Nginx). By blocking malicious traffic early, it significantly reduces the reconnaissance phase and lowers visibility on scanners like **Shodan**. • **High-Fidelity, Centralized Intelligence** Data is aggregated from a single, verified source fed by global probes and processed via a self-hosted HIDS/SIEM stack. We prioritize **data reliability** to minimize false positives, ensuring your legitimate traffic remains uninterrupted. • **Seamless Compatibility & Integration** Designed for universal deployment: • **Universal Format**: Easily integrates via a single RAW link into most Firewalls and WAFs. • **Vendor-Agnostic**: Includes split-list logic to accommodate hardware vendors with strict entry-count limitations. • **CTI Ready**: Fully portable for enrichment in Threat Intelligence platforms like OpenCTI and MISP. • **Freshness & Performance** • **Updates**: Refreshed every **6 hours** to counter immediate threats. • **Retention**: A **15-day** rolling window ensures we track short-lived malicious IPs without bloating your rulesets with obsolete data. • **Efficiency**: Delivers enterprise-grade performance comparable to commercial solutions. • **Open Source & Community Driven** Accessible to anyone—from hobbyists to enterprise admins. The project is proudly distributed under the GNU GPLv3 license, fostering a transparent and collaborative security ecosystem. Core Objectives & Impact • **Drastic Noise Reduction & Streamlined Response** By filtering out approximately **95% of malicious bot traffic**, we reduce overall log noise by up to **50%**. This significantly improves the signal-to-noise ratio, allowing **Cybersecurity Incident Responders (CIRs)** to focus on genuine anomalies and critical alerts rather than sifting through automated background noise. • **Optimized Resource Consumption** Blocking threats at the perimeter prevents them from reaching your application logic. This leads to a direct reduction in **CPU, RAM, and bandwidth usage**, preserving your server resources for legitimate user traffic and reducing infrastructure costs. • **Automated, Multi-Channel Delivery** Ensure your defense is always active without manual intervention. Blocklists are automatically updated and distributed via high-availability networks including **GitHub, JSdelivr CDN, BitBucket, Codeberg, and GitLab**, guaranteeing reliable access through standard Raw URLs. Production Lists > For **Web Apps, WordPress, Websites, VPS with Apache, Nginx** To guarantee high availability and resilience, the Data-Shield IPv4 Blocklist Community is deployed across a robust multi-cloud infrastructure. The data is synchronized every **6 hours** across multiple repositories and a global CDN. • **Which list should I use?** • **Full List**: Recommended for most modern Firewalls, WAFs, and SIEMs. • **Split Lists (A/B/C)**: Designed for legacy hardware or vendors with strict entry limits per object (e.g., max 30k IPs). If used, ensure all 3 parts are ingested. GitHub Repository (Mirror) > **View Official Repository** | **Dataset Variant** | **Entry Cap** | **Raw Link** | | :--- | :---: | :--- | | **Full List** | ~100k IPs | prod_data-shield_ipv4_blocklist.txt | | Split List A | 30k IPs | prod_aa_data-shield_ipv4_blocklist.txt | | Split List B | 30k IPs | prod_ab_data-shield_ipv4_blocklist.txt | | Split List C | 30k IPs | prod_ac_data-shield_ipv4_blocklist.txt | GitLab Repository (Main Source) > **View Official Repository** | **Dataset Variant** | **Entry Cap** | **Raw Link** | | :--- | :---: | :--- | | **Full List** | ~100k IPs | prod_data-shield_ipv4_blocklist.txt | | Split List A | 30k IPs | prod_aa_data-shield_ipv4_blocklist.txt | | Split List B | 30k IPs | prod_ab_data-shield_ipv4_blocklist.txt | | Split List C | 30k IPs | prod_ac_data-shield_ipv4_blocklist.txt | jsDelivr CDN (High Performance) > **View CDN Status** | **Dataset Variant** | **Entry Cap** | **Raw Link** | | :--- | :---: | :--- | | **Full List** | ~100k IPs | prod_data-shield_ipv4_blocklist.txt | | Split List A | 30k IPs | prod_aa_data-shield_ipv4_blocklist.txt | | Split List B | 30k IPs | prod_ab_data-shield_ipv4_blocklist.txt | | Split List C | 30k IPs | prod_ac_data-shield_ipv4_blocklist.txt | BitBucket Repository (Mirror) > **View Official Repository** | **Dataset Variant** | **Entry Cap** | **Raw Link** | | :--- | :---: | :--- | | **Full List** | ~100k IPs | prod_data-shield_ipv4_blocklist.txt | | Split List A | 30k IPs | prod_aa_data-shield_ipv4_blocklist.txt | | Split List B | 30k IPs | prod_ab_data-shield_ipv4_blocklist.txt | | Split List C | 30k IPs | prod_ac_data-shield_ipv4_blocklist.txt | Codeberg Repository (Mirror) > **View Official Repository** | **Dataset Variant** | **Entry Cap** | **Raw Link** | | :--- | :---: | :--- | | **Full List** | ~100k IPs | prod_data-shield_ipv4_blocklist.txt | | Split List A | 30k IPs | prod_aa_data-shield_ipv4_blocklist.txt | | Split List B | 30k IPs | prod_ab_data-shield_ipv4_blocklist.txt | | Split List C | 30k IPs | prod_ac_data-shield_ipv4_blocklist.txt | New Production Lists > For **DMZs, critical assets, exposed infrastructure, and APIs** • **Critical Infrastructure & Specialized Lists** Tailored for SMBs and ente…