[BNM] .htaccess question / blocking IP range
David Pashley
david at davidpashley.com
Fri Apr 4 12:28:09 BST 2008
On Apr 04, 2008 at 12:19, Jonathan Hirsch praised the llamas by saying:
> Hi all,
>
> I've been trying to block a range of IPs using .htaccess. Anyone know
> why "Deny from a.b.c.d - w.x.y.z" would work sometimes but not other
> times?
>
> Specifically, if I use a range that includes my own (client) IP
> address, the block works fine and I see the 403 Forbidden error
> message as expected. But if I include the range I actually want to
> block, it doesn't...
>
> For reference, the range is 82.99.30.2 - 82.99.30.73, belonging to a
> company called Munax AB - allegedly a search engine, but a quick
> Google reveals a bit of a dubious reputation; anyway they've been
> hammering my server for the last few days.
>
> "Deny from 82.99.30.2 - 82.99.30.73" doesn't work, yet if I
> individually write out all 72 IPs separately, each on a new line
> (i.e. Deny from 82.99.30.2 etc.), the block does work... Strange.
>
> So the problem's sorted for now, but if they suddenly come back with
> a new / longer IP range, I don't really want to be having to list
> every address separately. My htaccess file's long enough as it is! ;-)
>
It's because you're doing it wrong. You don't specify a range of
addresses using "start - end", you need to use either a full ip address,
a partial IP address or a netmask. You would want to do:
Deny from 82.99.30.0/25
--
David Pashley
david at davidpashley.com
Nihil curo de ista tua stulta superstitione.
More information about the BNMlist
mailing list. Powered by Wessex Networks