Getting SPAMMED need help

Spammed in OSTicket

         

Tizwit

10:45 am on Aug 13, 2006 (gmt 0)

10+ Year Member



I have been getting hit hard by some Spammers to my OSTicketing system and was wondering what can be done about it.

I was thinking of trying to Ban the IP Range Block used by them but I am not sure how to do this and be accurate 212.14.#*$!.xx to 212.15.#*$!.xx rather than something like 212.14.

Any help on that would be great.

Also I am looking for some help with what appears to be guestbook Bot/Spammers. I took down an old guestbook months ago and I am still getting hits directly to the "addentry" page.. some of which are getting redirected to my "abuse" page which may make some of them mad.. but they still come.

Wizcrafts

4:07 pm on Aug 13, 2006 (gmt 0)

10+ Year Member



Tizwit - Welcome to WebmasterWorld!

You want to ban traffic from an IP range. This range is known as a CIDR (Classless InterDomain Routing) and can be included in your .htaccess file in this manner (based on the IP range you supplied).

<Files *>
order deny,allow
deny from 212.14.
</Files>

(some servers may cough on the trailing period. If so, remove it e.g. 212.14)

or the CIDR way

<Files *>
order deny,allow
deny from 212.14.0.0/16
</Files>

Either way will block all IP addresses from 212.14.0.0 through 212.14.255.255, which is an entire Class B Netblock.

The guestbook spammers keep coming because they use automated scripts to spam blogs, comments forms and guestbooks gleaned from various searches and which are not regularly updated to remove dead entries. I am still seeing attempts to spam a page that has been 410 gone for a year and a half. Just serve them a diet of 403s.

For advanced .htaccess users there are means of internally rewriting unwanted requests to very small files that say Access Denied.

Wiz

[edited by: Wizcrafts at 4:08 pm (utc) on Aug. 13, 2006]

Tizwit

11:33 pm on Aug 13, 2006 (gmt 0)

10+ Year Member



Is there any way to do a range that is a little more specific? I have noticed some national ranges don't use the whole range from 0 to 255 and get split up.

If possible I would like to allow from one country and not another (like Korea).

Wizcrafts

6:10 am on Aug 14, 2006 (gmt 0)

10+ Year Member



TizWit;
You can block any IP address range, from one IP to millions of IPs. Finding out which ones are allocated to any given country is the problem. I recommend that you peruse through the Classful text listings at blackholes.us [blackholes.us] to find the countries and IP ranges that were assigned to them in May 2006. You should note that IP ranges (CIDRs) are not always static, but are sometimes reassigned from one country to another. I used those lists to help get me started with a project that blocks all of Nigeria.

The IP CIDRs in those lists are not completely up to date and are missing newly assigned ranges for some countries. You can use DNSStuff [dnsstuff.com] to run Whois lookups for spammers' and scammers' IPs. The results often contain a CIDR that is useful in a blocklist.

You have lots of investigative work ahead of you if you want to block specific countries with .htaccess directives, but it is do-able.

Wiz

[edited by: Wizcrafts at 6:10 am (utc) on Aug. 14, 2006]

Tizwit

5:11 pm on Aug 14, 2006 (gmt 0)

10+ Year Member



so in order to place a block in the htaccess file you just have to enter it in like this:

deny 62.4.96.0-62.4.127.255

or is there another way it must be done?

Wizcrafts

5:05 am on Aug 17, 2006 (gmt 0)

10+ Year Member



so in order to place a block in the htaccess file you just have to enter it in like this:

deny 62.4.96.0-62.4.127.255

or is there another way it must be done?


NO!
We wish you could do it like that. The system used in Apache servers' .htaccess deny directives allows for either a full exact IP, or a partial IP listing the primary number groups - followed by a trailing period (or not, depending on your server's config), or a CIDR designated IP range.

All of the following examples are valid for blocking the exemplified IP address range of 123.123.123.0 - 123.123.123.255

List partial IP:
deny from 123.123.123.
or alternately:
deny from 123.123.123

Full CIDR equivalent:
deny from 123.123.123.0/24

The 0/24 is the same as saying 0-255 in the last quadrant, which is the same as leaving off that quadrant.

In the case of your example range quoted above, the CIDR should be: 62.4.96.0/19
You can look up CIDRs at DnsStuff [dnsstuff.com] using the CIDR input field near the bottom of the page. Type in the starting IP and press Enter. The results page will list all starting and finishing IPs on separate lines, with the CIDR designation on the left-hand side of each row.

Here is what it says at DnsStuff for your stated IP range:

62.4.96.0/19 = 62.4.96.0 through 62.4.127.255 [8192 IPs]


Wiz

[edited by: Wizcrafts at 5:10 am (utc) on Aug. 17, 2006]
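
Added example, not part of the thread or written by its posters: a start-end range such as 62.4.96.0-62.4.127.255 can be converted to the CIDR form that `deny from` accepts without a web lookup. The function names `range_to_cidrs` and `htaccess_deny` are hypothetical, and the 192.0.2.x range is constructed to show a range that does not fall on a block boundary and therefore splits into several CIDRs.

```python
import ipaddress

def range_to_cidrs(first, last):
    """Smallest list of CIDR blocks covering first..last (inclusive)."""
    lo = int(ipaddress.IPv4Address(first))
    hi = int(ipaddress.IPv4Address(last))
    if lo > hi:
        raise ValueError(f"range start {first} is above range end {last}")
    blocks = []
    while lo <= hi:
        # A block of 2**bits addresses must start on a multiple of 2**bits,
        # so the trailing zero bits of lo cap the block size ...
        align = (lo & -lo).bit_length() - 1 if lo else 32
        # ... and the block must not run past hi.
        fit = (hi - lo + 1).bit_length() - 1
        bits = min(align, fit)
        blocks.append(ipaddress.IPv4Network((lo, 32 - bits)))
        lo += 1 << bits
    return blocks

def htaccess_deny(ranges):
    """Build the <Files> block used in the thread from (first, last) pairs."""
    nets = [n for first, last in ranges for n in range_to_cidrs(first, last)]
    lines = ["<Files *>", "order deny,allow"]
    # Merge overlapping or adjacent blocks gathered from separate lookups.
    lines += [f"deny from {n}" for n in ipaddress.collapse_addresses(nets)]
    lines.append("</Files>")
    return "\n".join(lines)

if __name__ == "__main__":
    # Two ranges quoted in the thread plus one constructed, unaligned range
    # (192.0.2.0/24 is reserved for documentation).
    sample = [("62.4.96.0", "62.4.127.255"),
              ("123.123.123.0", "123.123.123.255"),
              ("192.0.2.10", "192.0.2.20")]
    print(htaccess_deny(sample))
```

The `order`/`deny from` lines follow the syntax used in the thread; on Apache 2.4 those directives are provided by mod_access_compat.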