That abuse IP database is not what you need to block things because blocking one IP at a time is going to not block the unwanted traffic and will add exponentially to the filesize of your htaccess file when they come back on 61.147.33.67 or 61.147.15.82 . If you do a lookup (whois) as to what IPs are included in that unwanted traffic you can find that the IP is part of the 61.147.0.0 - 61.147.255.255 range which would use a CIDR of 61.147.0.0/16 to block all their traffic.

You can learn a lot in your spare time by reading through topics that are related in this Apache [webmasterworld.com] forum

this is the Access control by host documentation:
https://httpd.apache.org/docs/2.4/howto/access.html#host

but note that in doing so you are required to use Apache Module mod_authz_host [httpd.apache.org] which implies the following for using a "Require [not] host ..." directive:

This configuration will cause Apache to perform a double reverse DNS lookup on the client IP address, regardless of the setting of the HostnameLookups directive. It will do a reverse DNS lookup on the IP address to find the associated hostname, and then do a forward lookup on the hostname to assure that it matches the original IP address. Only if the forward and reverse DNS are consistent and the hostname matches will access be allowed.

or in your case, disallowed.
in other words, there will be a significant performance penalty for every request.

Many thanks for the answers!
I conclude:
Fist: I failed in the past, to block bc.googleusercontent.com and compute.amazonaws.com.
Because I used „<IfModule mod_authz_core.c>“ instead of „<IfModule mod_authz_host.c>
Seemingly „<IfModule mod_authz_core.c>“ is reserved for blocking IPs, IP Ranges and User agents, although other information are circulating in the internet.

Secondly: There is no difference between blocking hosts or domains or parts of it on principle. In both cases „require not host“ and <IfModule mod_authz_host.c> are to use.
Hence there are two alternatives:
<IfModule mod_authz_host.c>
<RequireAll>
Require all granted
Require not host compute.amazonaws.com
Require not host bc.googleusercontent.com
</RequireAll>
</IfModule>

or domain

<IfModule mod_authz_host.c>
<RequireAll>
Require all granted
Require not host amazon.com
Require not host google.com
</RequireAll>
</IfModule>

I will test it and report you.

Because I used „<IfModule mod_authz_core.c>“ instead of „<IfModule mod_authz_host.c>“

It shouldn't make any difference.

Unnerving but true: the <IfModule> envelope doesn't mean that the directives inside the envelope use the named module. It simply means “do this stuff, whatever it may be, if the named module happens to be installed”. (I once experimented with this on a test site.)

Besides, as noted in other threads, there is absolutely no reason for an <IfModule> envelope when working on a specific, individual site. It's only relevant if some bit of code is being distributed far and wide so there's no telling where it might land.


Dang. I thought German had abandoned “low 9 / high 6” ages ago, switching over to «guillemets» or possibly »guillemets«. (I forget which is French and which is German.)

Both alternatives do not work.
Because there is no solution visible, I will try to find an other information source.
I say thank you and good bye.