Block IP-networks through .htaccess

One question that often comes up in forums is how you can cleanly block complete IP-areas already in the webserver. Since the solutions are often not quite perfect, I put together a small tool which will take care of this.

When you look through your webserver-logfiles and you want to block the access from the IP for example, you should first figure out the start- and end-IP for the whole network. So you put in the IP into Whois and will find out that this IP belongs to the serverhoster Hetzner which has the addresses to allocated to them (inetnum: – Seeing how servers are not usually welcome visitors you can decide on blocking the whole area.

Now you input the start- and end-IP into the tool and it will automatically calculate the correct CIDR-notation. Repeat this process until you have covered all unwanted areas and then copy the content into the .htaccess file on your own webspace.

Related posts