Ban Entire IP Range

Forum Moderators: phranque

Message Too Old, No Replies

Ban Entire IP Range

This ISP Just Earned a Ticket to Error Pages

Oaf357

9:06 am on Jul 1, 2004 (gmt 0)

Is this an effective way to ban a range of IPs?

RewriteCond %{REMOTE_ADDR} ^64\.231\.[0-255]\.[0-255]$

Thanks in advance for your help.

gergoe

9:38 am on Jul 1, 2004 (gmt 0)

It could be efective, but this way it is not correct (and won't work), change it as follows:


RewriteEngine on
RewriteCond %{REMOTE_ADDR} ^64\.231\.[0-9]{1,3}\.[0-9]{1,3}$
RewriteRule . - [F,L]

Regular expressions are working with strings, so the [0-255] will be processed as [0-2 5 5] so it will match 0, 1, 2 and 5, but that's all. The one I suggested above works with all the addresses from 0-255, but it is not nice, since it can match 999 and 000 also which should not appear in any ip address.

The recommended way to ban a browser based on the ip address is the Order and the Deny from directives, something like this: (this you can put into the htaccess file)


Order Deny,Allow
Deny From 64.231.0.0/16

keyplyr

12:29 am on Jul 5, 2004 (gmt 0)

I would just use this:

RewriteCond %{REMOTE_ADDR} ^64\.231\.