My proposition is this:
- Create a 3rd party website (eg. trackbadips.com)
- Developers can make calls to it, passing in an IP address
- The IP address is logged as a malicous one
- Developers can go there, download a list of the top x reported IP addresses
- They can then use that list to filter requests to their applications
This is inspired by requests being made to a site I'm working on that is quite blatantly trying to hack it.
For example, no where on my site do I reference the path /wp-login.php or /administrator/index.php
Yet requests for those are made by a certain IP address.
Will think about this more.