Blocking a range of IP Addresses

March 26, 2014, 5:52 pm
Author: James Griffiths

If you manage a website (or a number of websites) you will inevitably, at some point, experience unwanted form spamming. It's certainly not the highlight of anyone's day but sadly a persistent experience in today's connected world. If you are able to use and configure .htaccess files on your web server then you can implement IP blocking to help minimise unwanted form spam.

Simply download (if you don't have SSH access to be able to edit remote text files from the command line) and open up, from the web root of the server, the .htaccess file in a text editor of your choice.

At the top of the file enter the following (replacing the xxx.xxx.xxx.xxx with the IP address(es) that you wish to block):

Order Deny,Allow
Deny from xxx.xxx.xxx.xxx
Deny from xxx.xxx.xxx.xxx

You should be able to find the IP address(es) that you wish to block from the e-mail headers (presuming you aren't using a server side script to capture the IP address and display that in the e-mail message itself).

Understanding IP addresses

All IP addresses are formed of 4 8-bit sections (referred to as quadrants) which are separated by dots, with each quadrant consisting of a numeric value between 0 and 255. Altogether they form a 32-bit IP address which can be 'divided' into 2 parts: the network identifier and the host identifier.

The network identifier always starts from the left most part of the IP address and can occupy 1 or up to 3 quadrants in the IP address structure. The remaining quadrant(s) will form the host identifier.

Blocking IP addresses by range

Let's assume that you have been regularly receiving spam submissions from a similar range of IP addresses. Instead of individually blocking each IP address in your .htaccess file you can choose to block a range of IP addresses instead.

For example if you wanted to block IP addresses within a range such as: xxx.xxx.xxx.0 - xxx.xxx.xxx.255 then you can do the following within your .htaccess file (replacing the xxx values with those of the IP address range you wish to block):

Deny from xxx.xxx.xxx.0/24

This would block all 256 possible IP locations within that range. The /24 is CIDR (Classless Inter-Domain Routing) notation which means that there are 8 bits left over in the IP address to contain the host identifier (with the first 24 bits identifying the network address).

Categories

« Return to Posts

Post a comment

All comments are welcome and the rules are simple - be nice and do NOT engage in trolling, spamming, abusiveness or illegal behaviour. If you fail to observe these rules you will be permanently banned from being able to comment.