Did you use the RIPE WHOIS?

I use the APNIC WHOIS, which provides 'most' CIDR's near the bottom of the page.

There are also websites that offer CIDR conversion.

The range:
78.110.48.0 - 78.110.55.255
coverts to
CIDR 78.110.48.0/24

FWIW, RIPE also offers the CIDR range near the bottom of the page under

route:

Ok...

Can you confirm this does the job, please?

RewriteCond %{HTTP_REFERER} semalt\.com [NC,OR]
RewriteCond %{HTTP_REFERER} buttons\-for\-website\.com [NC,OR]
RewriteCond %{HTTP_REFERER} make\-money\-online\.7makemoneyonline\.com [NC,OR]


RewriteCond %{HTTP_USER_AGENT} libwww-perl
RewriteRule .* – [F]

#1a block visitors from indicated IPs
order allow,deny
deny from 78.110.48.0/24

allow from all

Everythinh looks o.k. with the exception of the trailing empty lines.

RewriteCond %{HTTP_REFERER} semalt\.com [NC,OR]
RewriteCond %{HTTP_REFERER} buttons\-for\-website\.com [NC,OR]
RewriteCond %{HTTP_REFERER} make\-money\-online\.7makemoneyonline\.com [NC,OR]
RewriteCond %{HTTP_USER_AGENT} libwww-perl
RewriteRule .* – [F]
#1a block visitors from indicated IPs
order allow,deny
deny from 78.110.48.0/24
allow from all

Many thanks wilderness

Trailing empty lines sorted out!

back in this thread there was a discussion with some advocating empty lines, others none. I will compromise...

Regards

I never got round to understand if I should delete the [NC]

Use [NC] only when
-- the pattern contains alphabetic material in a cased script
AND
-- there is a real possibility that the pattern text can occur in different casings

Never use [NC] when referring to your own site. You know the correct casing of any given string, so save the server some work and use it. Sometimes [NC] is even counterproductive: If your site is canonicalized to "example.com" then anyone giving "EXAMPLE.COM" as referer is fake and should be barred.

I don't remember the exact lines that trigger the errors about "[NC] flag is meaningless here"; you can paste in a specimen at random if necessary.

back in this thread there was a discussion with some advocating empty lines, others none

Blank lines in htaccess have no semantic meaning (unlike blank lines in robots.txt, which are significant). Add them purely for your own information to make it easier to read the file. In the specific case of mod_rewrite it is useful to put a blank line after each RewriteRule so you can see when a ruleset (RewriteRule with optional preceding RewriteCond) belongs together.

Someone either in this thread or a similar one suggested the simple pattern (note lack of anchors)

RewriteCond %{HTTP_REFERER} money
and/or
SetEnvIf Referer money keep_out

because on at least 95% of sites, you'll never meet a genuine referer with "money" in its name. It's bound to be referer spam, so deny them all.

Hi Lucy

Let's see if I can get it right, finally!

RewriteCond %{HTTP_REFERER} semalt\.com [OR]
RewriteCond %{HTTP_REFERER} buttons\-for\-website\.com [OR]
RewriteCond %{HTTP_REFERER} make\-money\-online\.7makemoneyonline\.com [OR]
RewriteCond %{HTTP_USER_AGENT} libwww-perl
RewriteRule .* – [F]
#1a block visitors from indicated IPs
order allow,deny
deny from 78.110.48.0/24
allow from all

Is this how it should be?

Is this how it should be?

Well, it's how it can be. I prefer to reserve mod_rewrite for things that can't be done any other way. Don't use an elephant rifle when a flyswatter will do. For simple lockouts based on a single element of the request, I use mod_setenvif in conjunction with mod_authzwhatsit ("Deny from..."). Unlike mod_rewrite these directives are inherited by default. So it's practical when you have a single htaccess used by multiple sites that each have their own htaccess with their own RewriteRules.

For example:

SetEnvIf Referer semalt keep_out
BrowserMatch libwww-perl keep_out

Deny from env=keep_out

"BrowserMatch" (also, if absolutely needed, BrowserMatchNoCase) is a special mod_setenvif shorthand that's identical to
SetEnvIf User-Agent etcetera.

But the mod_rewrite ruleset looks correct.