1. Home
  2. Forums Index
  3. Server Side / Apache Web Server 9:25 pm May 1, 2026

Forum Moderators: phranque

Message Too Old, No Replies

Matching a range of IPs

Matching a range of IPs with "Deny from" and "RewriteCond"

         

Marino

8:39 am on Feb 11, 2005 (gmt 0)

10+ Year Member



Hello,

I've found a site which lists blacklisted IPs. Just submit one, and it gives a report like this :

Netblock:~~~.224.0.0/13 (~~~.224.0.0-~~~.231.255.255)
[...]
Currently active and flagged to be published in DNS.

What should I add to my .htaccess file to match the IP range? The "Netblock"? 

Deny from ~~~.224.0.0/13

Will it match ~~~.224.0.0-~~~.231.255.255?

Is there a way to use a RewriteCond on the REMOTE_ADDR to match the whole set? Something like : 

RewriteCond %{REMOTE_ADDR} ~~~\.(224¦225¦226¦227¦228¦229¦230¦231)\.[0-9]{1,3}\.[0-9]{1,3} [OR]

Thanks in advance

jdMorgan

1:32 pm on Feb 11, 2005 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



Marino,

Check the mod_access documentation [httpd.apache.org]. It shows that Allow from and Deny from can accept single IP addresses, partial IP addresses, CIDR range notation, and network/netmask notation.

To use RewriteCond, you have to construct a regular expression that matches the text of the IP address or range; Unlike the mod_access directives, mod_rewrite treats IP addresses as text only, and not as numerical values.

> Will it match ~~~.224.0.0-~~~.231.255.255?

I'd suggest: 


RewriteCond %{REMOTE_ADDR} ^~~~\.2(2[4-9]¦3[01])\. [OR]

You can simply specify the octets that you want to match, and leave off the last ones that range from 0-255. As long as you start-anchor the pattern, there will be no ambiguity.

Jim

 

Join The Conversation

Moderators and Top Contributors

Hot Threads This Week

  1. Home
  2. Forums Index
  3. Server Side / Apache Web Server 9:25 pm May 1, 2026