Welcome to OGeek Q&A Community for programmer and developer-Open, Learning and Share
Welcome To Ask or Share your Answers For Others

Categories

0 votes
1.0k views
in Technique[技术] by (71.8m points)

apache - Blocking multiple ip ranges using mod access in htaccess

I read the guide from apache site but I'm a bit confused, I'm trying to ban some ranges using this syntax:

order allow,deny
deny from 127.0.55.0/127.0.75.255
deny from 127.0.235.0/127.0.255.255
allow from all

But I think it's not working properly, probably the syntax is wrong or I'm using it in the wrong way, where should I write this text in htaccess? before the other lines or after? in the same htaccess file there're some mod rewrite script too (for anti-hotlinking).

See Question&Answers more detail:os

与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
Welcome To Ask or Share your Answers For Others

1 Reply

0 votes
by (71.8m points)

I've come to this answer using apache documentation.

You can give an address range using ip/netmask pair :

deny from 127.0.55.0/24

However, since range 55 - 75 are not power of two, I don't see how to make a range out of them. I'd add several rules.

order allow,deny
deny from 127.0.55.0/24  // Matches 55
deny from 127.0.56.0/21  // Matches 56 to 64
deny from 127.0.64.0/21  // Matches 64 to 71
deny from 127.0.72.0/22  // Matches 72 to 75

deny from 127.0.235.0/24 // Matches 235
deny from 127.0.236.0/22 // Matches 236 to 239
deny from 127.0.240.0/21 // Matches 240 to 255
allow from all

should work.

NB: Remove the comments after // before pasting into htaccess


与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
OGeek|极客中国-欢迎来到极客的世界,一个免费开放的程序员编程交流平台!开放,进步,分享!让技术改变生活,让极客改变未来! Welcome to OGeek Q&A Community for programmer and developer-Open, Learning and Share
Click Here to Ask a Question

...