working Blocking IP range in htaccess file




redirect ip address htaccess (5)

Not sure how reliable the source is, but this is from clockwatchers

http://www.clockwatchers.com/htaccess_block.html

To Block a single ip address

order allow,deny
deny from 127.0.0.1
allow from all

This will refuse all GET and POST requests made by IP address 127.0.0.1, an error message is shown instead

To block multiple ip addresses, list them one per line

order allow,deny
deny from 127.0.0.1
deny from 127.0.0.2
deny from 127.0.0.3
allow from all

To block an entire ip range

deny from 127.0.0

This will refuse access for any user with an address in the 127.0.0.0 to 127.0.0.255 range.

Edit: Just found a similar question here

How to Block an IP address range using the .htaccess file

Looks like out answers are similar too.

I'm managing a site and the site is built in Wordpress. It gets ENORMOUS amount of traffic from bots and we want to block all of them except for important bots like Google Yahoo Bing Baidu. We use cloudflare and I want to block them from two layers, Cloudflare firewall and htaccess file. In htaccess file, I know how to block a single IP address and last trailing IPs of a IP range like 123.123.123.0/16

However, I need to block following IPs 69.30.192.0 - 69.30.255.255 93.55.115.64 - 93.55.115.71

How do you set rules of this in htaccess file? Cloudflare seems to follow same rule.


You've almost got it. The /16 notation is actually called CIDR Notation.

The number indicates how many bits to match from left to right. The Wiki page explains it in depth.

Or... you can just take my word for it and use a tool like this one I found: http://www.ipaddressguide.com/cidr#range

You can then use the deny from in your .htaccess just as you would for a single ip with the given values:

Order Allow,Deny
Deny from 69.30.192.0/18
Deny from 93.55.115.64/29
Allow from all

The answer from @Nick is good, so on the side of configuring the .htaccess you should go his way.

My answer will be about another issue detected in your question: you are willing to block the IP range 69.30.192.0 - 69.30.255.255, but a quick search on the ARIN database (WHOIS for IP addresses) shows that this range is not belonging to a single person.

In fact, by doing this, you might potentially deny your website to non-bots.

Eg:

69.30.192.0 - 69.30.192.31 belongs to LEAKY****.COM

...

69.30.193.0 - 69.30.193.15 belongs to TA*****, Abdelkader

etc.


Use just the first 3 octets

Order Allow,Deny
Deny from 66.249.74.
Allow from all

How to Block an IP address range using the .htaccess file

You could use:

Order Allow,Deny
Deny from 66.249.74.0/24
Allow from all

Or you could use this:

RewriteEngine on
RewriteCond %{REMOTE_ADDR} ^66\.249\.74\.
RewriteRule ^ - [F]