41

I have detected that a range of IP addresses may be used in a malicious way and I don't know how to block it.

I would like to block the range 66.249.74.* from accessing my website by using the .htaccess file.

Luc
  • 5,339
  • 2
  • 48
  • 48
Msy Marina
  • 411
  • 1
  • 4
  • 9

6 Answers6

47

You could use:

Order Allow,Deny
Deny from 66.249.74.0/24
Allow from all

Or you could use this:

RewriteEngine on
RewriteCond %{REMOTE_ADDR} ^66\.249\.74\.
RewriteRule ^ - [F]
Prix
  • 19,417
  • 15
  • 73
  • 132
  • I want to tell you that , I use Common100 Online chat software for detect who visiting on my website page , and i always found this IP address visit 66.249.74.* . Please see the image ! http://laroute-angkor.com/IP.jpg So what should i do ? – Msy Marina Aug 28 '13 at 08:59
  • @MsyMarina that IP is from google http://whois.arin.net/rest/net/NET-66-249-64-0-1/pft – Prix Aug 28 '13 at 09:00
  • Sorry, I don't know http://whois.arin.net/rest/net/NET-66-249-64-0-1/pft But i don't want see those IP access on my website . – Msy Marina Aug 28 '13 at 09:07
  • @MsyMarina does Google send you virus? – Prix Aug 28 '13 at 09:13
  • I haven't receive any virus from google , but i want to make sure that this IP address is from google navigating on my webpage is normal like another website ,right ? – Msy Marina Aug 28 '13 at 09:17
  • 1
    @MsyMarina that site I have sent above is a trusted site that tracks the owners of each IP block, it says those IP's are from google so yes you have nothing to fear. – Prix Aug 28 '13 at 09:20
  • I need that point , thank for your value time for help me clear . – Msy Marina Aug 28 '13 at 09:34
  • Can you please explain what the /24 does? Why the number 24? – Reverse Engineered Dec 18 '17 at 16:57
  • 1
    @JBeck [you can read about it in this link, scroll down to IPv4](https://www.ripe.net/about-us/press-centre/understanding-ip-addressing) – Prix Dec 18 '17 at 21:16
16

Use just the first 3 octets

Order Allow,Deny
Deny from 66.249.74.
Allow from all
Howard Lee Harkness
  • 407
  • 3
  • 11
2

I’ve just used

Order Allow,Deny
Deny from 188.143.*.*
Allow from all

as spam attack comes from xxx.xxx.0-80.0-80.

Sebastian Simon
  • 18,263
  • 7
  • 55
  • 75
Vladyn
  • 437
  • 1
  • 5
  • 14
1

You can go to: and enter ips and it will generate the file for you. http://www.htaccesstools.com/block-ips/

Also for example you want to block the ip address range you want would be: 

Order Allow,Deny
Deny from 66.249.74.0/24
Allow from all

Or You Can Do:

You can indicate which addresses you wish to block using RewriteCond %{HTTP_REFERER}.

This is a Working Example:

# BLOCK VISITORS REFERRED FROM GOOGLE.COM

RewriteCond %{HTTP_REFERER} ^https?://([a-z0-9-]+\.)?google\.com [NC]
RewriteRule .* - [F]

The example above uses a regular expression, so it will block:

  • https:// or http://
  • followed by any subdomain (or none)
  • followed by google.com
  • followed by anything (or nothing)

The [F] flag means Forbidden. The server will return a 403 Forbidden Error.

Martijn Pieters
  • 1,048,767
  • 296
  • 4,058
  • 3,343
Universal Omega
  • 206
  • 1
  • 5
  • 26
  • If anyone, like me, is wondering where the /24 comes from: google "netmask" or "subnet mask". Basically it means "24 first bits" matter, 24 = 3 x 8 bits. See http://www.dslreports.com/faq/8426 – Ralf Mar 08 '18 at 07:55
0

you can do it easily by adding IP Ranges to your .htaccess file by downloading the full ranges from https://www.ip2location.com/blockvisitorsbycountry.aspx and uploading the .hataccess back to the directory you want blocked.

I recently blocked Russia by this method cause of getting loads of spam registrations on my forum and the forum never needs any contribution from this country.

Iqtidar Ali
  • 179
  • 1
  • 6
0

eg:

<Files *>
order deny,allow
deny from 2.72.0.0/13 2.92.0.0/14 2.132.0.0/14 
</Files>

Great howto with ip ranges here:

http://www.wizcrafts.net/russian-blocklist.html

Also these are up to date lists of offending ip ranges.

Paul V
  • 351
  • 3
  • 9