Blocking multiple ip ranges using mod access in htaccess
I read the guide from apache site but I’m a bit confused, I’m trying to ban some ranges using this syntax:
deny from 127.0.55.0/127.0.75.255
deny from 127.0.235.0/127.0.255.255
allow from all
But I think it’s not working properly, probably the syntax is wrong or I’m using it in the wrong way, where should I write this text in htaccess? before the other lines or after? in the same htaccess file there’re some mod rewrite script too (for anti-hotlinking).
I’ve come to this answer using apache documentation.
You can give an address range using ip/netmask pair :
deny from 127.0.55.0/24
However, since range 55 – 75 are not power of two, I don’t see how to make a range out of them. I’d add several rules.
order allow,deny deny from 127.0.55.0/24 // Matches 55 deny from 127.0.56.0/21 // Matches 56 to 64 deny from 127.0.64.0/21 // Matches 64 to 71 deny from 127.0.72.0/22 // Matches 72 to 75 deny from 127.0.235.0/24 // Matches 235 deny from 127.0.236.0/22 // Matches 236 to 239 deny from 127.0.240.0/21 // Matches 240 to 255 allow from all
NB: Remove the comments after
// before pasting into htaccess