| 9:49 pm on Nov 25, 2012 (gmt 0)|
|deny from 184.108.40.206/22 220.127.116.11/22 18.104.22.168/20 22.214.171.124/16 126.96.36.199/24 |
Well, ###. Yet another thing I didn't realize you could do.
Does this format run faster than one deny per line, as in
|deny from 188.8.131.52/22 |
deny from 184.108.40.206/22
deny from 220.127.116.11/20
deny from 18.104.22.168/16
deny from 22.214.171.124/24
Incidentally, I've got 126.96.36.199/14 as a single block. Did I miss a bit of Australia hiding in the middle? Also 188.8.131.52/18 as a country unit (not necessarily all the same ISP). But I don't pay much attention to Indonesia.
| 12:13 am on Nov 26, 2012 (gmt 0)|
No, using a command for every IP is not as fast as grouping many IPs on a line for 2 reasons:
1.) takes extra bytes for the "deny from" code.
2.) each line is read per command. Starting a new command for each IP is more processing.
I start a new line for each A class just as a management technique, CIDRs separated by a single space. Example:
deny from 184.108.40.206/13 220.127.116.11/15
deny from 18.104.22.168/16 22.214.171.124/32 126.96.36.199/23
deny from 188.8.131.52/16
deny from 184.108.40.206/23
deny from 220.127.116.11/12
deny from 18.104.22.168/8
deny from 22.214.171.124/16 126.96.36.199/14
deny from 188.8.131.52/22 184.108.40.206/24 220.127.116.11/24 18.104.22.168/24
deny from 22.214.171.124/24 126.96.36.199/24 188.8.131.52/24 184.108.40.206/17 220.127.116.11/18 18.104.22.168/28 22.214.171.124/29 126.96.36.199/19
| 1:39 am on Nov 26, 2012 (gmt 0)|
Thank you so much for clarifying,, keyplyr, now I know where I'm heading with the country codes. I had never entered multiple CIDRs in a single line before, didn't know we could do that. It would be dizzying to edit lines that are too long, so I'm adding them in related batches. Unless someday I find out that numerical order is important for performance.
| 2:55 am on Nov 26, 2012 (gmt 0)|
:: detour to horse's mouth [httpd.apache.org] to read up on mod_authz_host and see if there's any more stuff that everyone in the world except me has always known ::
| 1:37 pm on Nov 26, 2012 (gmt 0)|
Is this considered part of the Chinanet group?
<> 188.8.131.52 - 184.108.40.206
115.236.51.xxx - - [25/Nov/2012:23:47:14 -0800] "GET / HTTP/1.1" 403 3251 "www.google.com" "Explore 6.0"
| 7:29 pm on Nov 26, 2012 (gmt 0)|
@ Ken_S IMO yes, it looks to be maintained by Chinanet.
Just a FYI - The link to China ranges (msg:4521970) is old and there are many important missing ranges.
| This 36 message thread spans 2 pages: < < 36 ( 1  ) |