Known spammers and sources of malware are placed on internet blacklists. There are a number of different types of blacklists used online.
Blacklist monitoring lists, for example, are used by large email services such as Gmail, Outlook (Hotmail), and Yahoo. They use blacklists to filter emails for their customers. If an email is received that has the IP address known to be a source of spam or malware, the email will be rejected.
This can be a big problem for website owners. For example, if your website server’s IP address was added to a blacklist, no email notifications could be sent from your website. This means that users will not be updated about new comments to blog posts, new forum posts, newsletters, and more.
It is easy to think that this is not something that will affect you, but you would be surprised at how often this occurs. In website security breaches the hacker is not looking to steal your content or modify your database. All they are looking to do is upload an email script that allows them to use your server to send spam emails.
The main problem with this is that all of this happens in the background. This occurred to me in the past and I didn’t realise for weeks that my server had been blacklisted. Since the event occurred, I have always monitored my websites closely.
RBLTracker is a blacklist monitoring service that offers many great features. I first came across the service last month when I added the service to the blacklist monitoring section of my webmaster resources directory.
In this RBLTracker review I would like to take a closer look at the service and show you what it offers.
Check out my full video review of RBLTracker below.
Want to know more? Read on to hear my full thoughts on the RBLTracker service.
What Does RBLTracker Protect You Against?
RBLTracker provides customers with a wide range of tools.
Blacklist monitoring is one of their most important services. They will check the IP addresses you list against sixty blacklists multiple times per day. If any of the IP addresses you list are added to a blacklist, they will notify you immediately.
URL blacklists list website URLs and domain names that are associated with spamming, phishing scams, and viruses. A URL blacklist is sometimes referred to as an URIBL. This is an acronym for “Uniform Resource Identifier Blacklist”.
Your website could be blocked if it is added to one of these lists. RBLTracker will alert you if your website is added to a URL blacklist.
Search engines such as Google also maintain what are known as “Safe Browsing Databases”. Any website that has been compromised will be added to the list if it is deemed unsafe. Browsers also access these databases to provide a safer browsing experience for users.
Therefore, if your website is marked as unsafe users will be unlikely to visit your website is search engines and browsers warn them their computer is at threat by visiting the page. Thankfully, RBLTracker lets you know if your website is added to one of these databases.
Another service RBLTracker provides is social media monitoring. This is something that few other blacklist monitoring services offer.
RBLTracker monitors your IP addresses and websites against a network known as the Facebook Threat Exchange. The exchange is used by social media platforms such as Tumblr, Facebook, and Pinterest. Dropbox and Yahoo! also use the service. If your website or IP address ends up in being listed in the threat exchange, you will be notified.
Notifications can be sent to you in a number of ways. You can be notified of your website being added to a blacklist via email, SMS, Twitter, pushover notifications. Third-party services such as PagerDuty, HipChat, Slack, Nagios, and Zabbixare, are also supported. The API can be integrated using custom code too.
The RBLTracker User Interface
RBLTracker kindly sent me over access details for a test account so that I could have a thorough look at how RBLTracker works.
The RBLTracker interface is very simple to use. You will see five different categories listed in the main navigation menu: Home, Manage, Tools, Account, and Billing.
Home Area
The IP addresses that you add to your account are referred to as hosts. In the main overview page you will see graphics that let you see at a glance how many of your hosts are in good standing and your average reputation for your hosts.
The failed hosts are shown on this page with information such as the last checked date and how long the host has been tracked. Your account remaining balance is also displayed on this page.
The listing page shows you all of the hosts you are tracking i.e. failed hosts and good hosts. You can see the IP address for each host, whether the host has failed or not, the last check date, and the length of time you have been tracking each host.
Clicking on a failed listing brings up a box which displays the blacklists that have blocked the IP address. You can follow these links to the blacklist in question and then do the steps required by the blacklist in order to remove your website.
Blacklists will ask you to clean up your website and remove the threat (e.g. spam script, malware etc) before you submit your website again to be retested.
A history of all the checks you have performed are displayed on the check history page. Automatic checks and manual checks you have performed are displayed on this page.
RBLTracker keeps information about all of your checks for the last three months.
Manage Area
Adding new hosts to your account takes seconds. You can either enter the information manually for each host or upload multiple hosts via a CSV file.
For the host type you can define an IP address, domain name, or a range of IP addresses. Add a good description for each host you add so that you easily remember which host it is. For example, you could name the host by its website address and/or hosting provider name. Each host can be assigned to a RBL profile and contact group.
For each host you can see a report, pause the tracking of the host, or delete the host from your account.
The last two weeks of reports can be seen for each host from this area.
In the contacts page you can set up new notification alerts. For contact type you can select from email address, Twitter, SMS, pushover, PagerDuty, Slack, and HipChat. You can select the frequency of the alert and assign the contact to a new contact group.
All of your contacts can be grouped together. This is useful for managing all of the different notification alerts you have configured.
For example, you could create a group for each website you are tracking. Alternatively, you could create a group for each type of contact so you would have one group for Twitter alerts, another for email alerts etc.
RBL is the acronym used for “Real-time Black Lists”. RBLTracker lets you choose which RBLs (i.e. which blacklist services) and which exchanges you would like to check your host against during checks.
You can easily create a new RBL and select which services you want to check your host against. Simply name your new RBL profile and select which services you do and do not want to use.
A custom RBL profile can be created for services which RBLTracker does not offer by default. If you have paid for an RBL or created one in-house for your company, you can use this page to make it work with RBLTracker.
Tools Area
The frequency in which your hosts are checked depends on the plan you select. Any host can be checked outwith the normal check interval at a cost of $0.005 per check (i.e. half a cent).
This is useful for generating an immediate scan of your host. It works the same way as automatic checks except it will not trigger any notification alerts or callback requests.
A DNS report can also be generated for a domain that shows A and MX Records.
Account Area
The profile page lets you set your timezone and change your account information. It is possible to improve security by connecting your account to the Clef service so that two-factor authentication is required when logging in.
In the account settings page you can add your company name and address and specify the preferred run time for your checks. The frequency of checks can be changed from hourly up to every forty-eight hours.
RBLTracker allows you to grant access to others to help manage your account.
You can assign new users to one of three roles: Administrator, billing manager, and developer. An administrator has access to all features, a billing manager can access billing and payment related pages, and a developer gains access to all developer related features.
RBLTracker has a REST based API. There is good documentation for accessing the API and plugins for Nagios and Zabbix.
In the API Callback Service page you can specify the URL that will be requested when one of your hosts is listed. The callback URL can be defined on this page.
Billing Area
The billing overview page states your account balance and whether auto-recharge is enabled. A one-time payment can be made from this area using a credit card or PayPal in order to add additional funds.
A billing history is displayed at the bottom of the billing overview page. Clicking on a particular billing will display the corresponding invoice.
New credit cards can be added via the credit cards page.
All credit card billing information is handled by the secure payment service Stripe therefore no sensitive payment information is retained by RBLTracker.
The cost calculator helps you determine how much you will spend with RBLTracker on a monthly basis. All you have to do is enter the number of hosts you want to track and the frequency in which you want to check them.
RBLTracker Pricing
You can create an account with RBLTracker free of charge. Their free plan allows you monitor one host at a forty-eight hour interval and offers notifications by Twitter and email and two-factor login authentication. It also supports over sixty blacklists and has support for URIBL (i.e. URL Blacklists).
Three premium plans are available for those that need more features.
The professional plan lets you track up to twenty hosts at twenty-four hour intervals. Retailing at $8 per month, it includes additional features such as pushover notifications, integration with third-party services, custom RBL lists and blacklists, custom run times, safe browsing checks, API access, and callback events.
Opting for the enterprise plan at $16 per month lets you monitor fifty hosts at twelve hour intervals. Additional features include SMS notifications, bulk host uploading, sub accounts, and social media monitoring.
The most flexible plan is the ultimate plan. It is essentially a pay as you go plan. As such, there are no restrictions with this plan. It offers all the features the enterprise plan with the added bonus of you setting your own custom checking frequency.
The ultimate plan retails at half a cent per check ($0.005).
Be sure to use the cost calculator available in the account area so that there are not any unexpected surprises when you are billed.
If you are to monitor one host, your monthly cost will depend on the frequency you make checks. In a 30 day month, monitoring one host at a forty-eight hour interval will cost you $0.075 per month, daily will cost you $0.15, every twelve hours will cost you $0.30, every six hours will cost you $0.60, every three hours will cost you $1.20, every two hours will cost you $1.80, and every hour will cost you $3.60.
As you can see, costs will increase if you monitor many hosts. For example, if you monitored twenty hosts with hourly notifications you would be billed $72 per month. That is still very affordable when you consider the number of hosts being checked every single hour. It is also worth noting that if you have all of your websites hosted on one server, you would only have to monitor one host for blacklists. Therefore, if you hosted one hundred websites on the same server, you would only have to monitor one IP address. As such, your costs would remain low.
The great thing about RBLTracker is that you have complete control how often you check a particular host.
For example, say you want to monitor five websites domains. You could check your two most important websites on an hourly basis and the three blogs that you update less regularly every twelve hours.
Final Thoughts
Website security is something that we all need to take seriously. We need to take external back ups often and we need to make it difficult for hackers to break in. Unfortunately, even if you take a proactive approach to website security, there is no guarantee that your server will not be infiltrated. All it takes is one hole in your system to let a hacker upload a script that will use your server to send spam or infect the computers of visitors.
For those of you who host your websites in a shared hosting environment, this risk is greater. In a shared hosting environment your website will be hosted in the same space as hundreds or even thousands of other websites. All it takes is one person to drop their guard for all websites in the server to be marked as unsafe.
That is why it is so important to monitor your websites using a professional blacklist monitoring service.
I was really impressed by what RBLTracker offers. The user-interface is very easy to use and they give you a lot of control over how you monitor your website.
I loved how it lets you place different notifications into groups and how you can select which services are checked for each check. Developers will also love the API integration and support for third-party services.
It is hard to argue with the RBLTracker pricing scheme. Their free plan lets you monitor one host and track it every forty-eight hours. If you chose to monitor your website every single hour of the month it would still only cost you $3.60 in a thirty day month. That is fantastic.
I encourage you to check out RBLTracker for yourself and monitor your website. Try out the free plan for a while to give you a good understanding of what the service can do for you and then you can make a sensible decision as to how often you want to monitor your websites.
Thanks for reading.
Kevin