Block IP-networks through .htaccess

Johannes Beus
Johannes Beus
Johannes Beus ist Gründer und Geschäftsführer von SISTRIX.

One question that often comes up in forums is how you can cleanly block complete IP-areas already in the webserver. Since the solutions are often not quite perfect, I put together a small tool which will take care of this.

When you look through your webserver-logfiles and you want to block the access from the IP 88.198.39.70 for example, you should first figure out the start- and end-IP for the whole network. So you put in the IP 88.198.39.70 into Whois and will find out that this IP belongs to the serverhoster Hetzner which has the addresses 213.133.96.0 to 213.133.111.255 allocated to them (inetnum: 213.133.96.0 – 213.133.111.255). Seeing how servers are not usually welcome visitors you can decide on blocking the whole area.

Now you input the start- and end-IP into the tool and it will automatically calculate the correct CIDR-notation. Repeat this process until you have covered all unwanted areas and then copy the content into the .htaccess file on your own webspace.

Related posts
Comments
Comments will be closed 30 days after the post was published.