how do I block IP range in htaccess?

  • cerio
  • Proficient
  • Proficient
  • User avatar
  • Posts: 263
  • Loc: UK

Post 3+ Months Ago

Hi.
Not sure what section to post this in.
Can anyone tell me, please, what to add to my htaccess file to block this completely? I know how to block a single IP but not a range from 66.66.0.0 - 66.67.255.255 or even if that is how to do it. I looked up the IP that was bombarding my website and got this...
Quote:
Results:
#
# The following results may also be obtained via:
# http://whois.arin.net/rest/nets;q=66.66 ... xt=netref2
#

NetRange: 66.66.0.0 - 66.67.255.255
CIDR: 66.66.0.0/15
OriginAS:
NetName: RR-NYS-2BLK
NetHandle: NET-66-66-0-0-1
Parent: NET-66-0-0-0-0
NetType: Direct Allocation
Comment: ADDRESSES WITHIN THIS BLOCK ARE NON-PORTABLE
RegDate: 2001-01-17
Updated: 2011-07-06
Ref: http://whois.arin.net/rest/net/NET-66-66-0-0-1


OrgName: Road Runner HoldCo LLC
OrgId: RRNY
Address: 13820 Sunrise Valley Drive
City: Herndon
StateProv: VA
PostalCode: 20171
Country: US
RegDate: 2000-09-28
Updated: 2011-07-06
Comment: Allocations for this OrgID serve Road Runner residential customers out of the New York City, NY and Syracuse, NY RDCs.
Ref: http://whois.arin.net/rest/org/RRNY


Thanks for looking.
Regards,
cerio
  • Bigwebmaster
  • Site Admin
  • Site Admin
  • User avatar
  • Posts: 9102
  • Loc: Seattle, WA & Phoenix, AZ

Post 3+ Months Ago

First I am not sure you want to block all of the IP addresses in what you posted above. In the above you can see it says 66.66.0.6/15 which means the CIDR is 15. So that means they have control of over 512 Class C's. In terms of ip addresses, that means that they have control of over 131,072 ip addresses. So if you block that entire range below using the /15 notation keep in mind how many ip addresses you are blocking.

I normally block this in .htaccess by adding something like the following:

Code: [ Select ]
<Limit GET POST HEAD>
Order Allow,Deny     
Allow from all
deny from 66.66.0.1
deny from 66.66.0.2
deny from 66.66.0.3
</Limit>
  1. <Limit GET POST HEAD>
  2. Order Allow,Deny     
  3. Allow from all
  4. deny from 66.66.0.1
  5. deny from 66.66.0.2
  6. deny from 66.66.0.3
  7. </Limit>


That is how you can block single ip addresses. If you want to block an entire range of ip addresses then you would do something like this:

Code: [ Select ]
<Limit GET POST HEAD>
Order Allow,Deny     
Allow from all
deny from 66.66.0.0/15
</Limit>
  1. <Limit GET POST HEAD>
  2. Order Allow,Deny     
  3. Allow from all
  4. deny from 66.66.0.0/15
  5. </Limit>


That would block their whole network. Hope that helps!

Post Information

  • Total Posts in this topic: 2 posts
  • Users browsing this forum: No registered users and 29 guests
  • You cannot post new topics in this forum
  • You cannot reply to topics in this forum
  • You cannot edit your posts in this forum
  • You cannot delete your posts in this forum
  • You cannot post attachments in this forum
 
cron
 

© 1998-2014. Ozzu® is a registered trademark of Unmelted, LLC.