Welcome to WebmasterWorld Guest from 184.108.40.206
Now I know to block a single ip address you use this...
deny from 220.127.116.11
I did a little reading and a ton of searching and have concluded to block an ip range of 18.104.22.168 - 22.214.171.124 you should use...
deny from 126.96.36.199/255
My understanding is that 18.0.0 through 18.0.255 is represented as 0/255 (that which denotes that portion of the ip as begining and ending using JUST that quarter portion of the ip address in order to make a percieved range).
Now to expand, if the range is greater and say we want to block a range of 188.8.131.52 to 184.108.40.206 you should use...
deny from 67.18/19
This takes the second set (out of which could be 0-255) and chooses (18-19 and all their subsets) to be included in the ip address range.
I just want to know if everything I stated is correct and if not (be in in full or in part) what I am wrong about and how it really works.
A basic example would be that you want to deny 192.168.192.0 through 192.168.255.255
In binary (use the Windows calculator or equivalent) that is 11000000.10101000.11000000.00000000 through 11000000.10101000.11111111.11111111
Having derived that, you now need to generate either a netmask or a CIDR. The easiest way to do it is to line up the start/end addresses vertically, and then examine them to see which bits change between the first and last address of the range. Then mark those that don't change with ones and those that do with zeroes:
This yields the netmask, which when converted back to decimal octets is 255.255.192.0
To get a CIDR, you count the number of ones from the left, in this case 18.
So, you would use
Deny from 192.168.192.0/255.255.192.0 (Network/Netmask pair -or-
Deny from 192.168.192.0/18 (Network/nnn CIDR specification
An example would be 220.127.116.11 through 18.104.22.168, which could be specified as a partial IP address as:
Deny from 172.0.0.
Unfortunately, this is as simple as it gets.