IP range?

I had a similar question.

I’m not the developer, but based on looking at the source code it doesn’t appear possible to use IP ranges or CIDRs for blacklist or whitelist options.

This indeed is not possible (yet). The official notation would be the CIDR notation so 192.168.2.0/24 but I doubt if many people will know this way of notation.

Working with other variations will leave many possibilities that need to be properly catched.

So Pascal, it’s okay to use CIDR in the blocking or whitelisting dialogs of IQ Block Country?

Motw, perhaps this calculator will help, it converts to CIDR, assuming Block Country uses CIDR

https://www.ipaddressguide.com/cidr

MTN

Hi MTN,

No just not yet. Nice conversion site though. I will see what I can do for the next version.

MTN – I block everything outside the US, but I’ve got a IP range within the USA that is relentless.

I’ve blocked all access to the backend except for specific IP addresses. As you’ve noticed, the hackers will just use US VPN exit nodes or other US-based gateways if you block the foreign access.

Mot, just block the range in your .htaccess. Done deal. Or install Wordfence free version, it has good IP blockage.

Sunrise, yes, some hackers go to the trouble of using a VPN, but most do not bother attacking low value sites that way. I get super results from country blocking, saves me hundreds of dollars in bandwidth I’d otherwise pay for.

MTN

I’ve got some code lined up for this so hopefully that will work as soon as applied.

If someone is up for testing the ip ranges once it is done I would be glad for any testing done ??

Hi Pascal, I can easily test some ranges. I’ll keep an eye out for your new ver. MTN

By the way, can anyone tell me why one would favor placing an IP block range using Pascal’s plugin, rather than just using .htaccess? Convenience? That’s valid, just curious. Or because it returns the IQ Block message instead of a generic 404 or 503 error? I’d probably just use .htaccess and assume it might be a little higher up in the stack and thus perhaps use slightly less server resources. But then, I like the idea of the customized blocked message. So I’m going either way on this.. MTN

htaccess is very resource unfriendly as it will read the htaccess file for each and every request. So also for the css files, javascript or any image for instance.

Database ip blocking can be a bit more efficient due to database caching (depending on your webhost configuration) and also because only actual content pages are matched against the ip ranges.

Thanks Pascal! I’m not impressed with .htaccess as it does cause a burden, but did think it might be better, but you are correct about using database. Looking forward to your plugin allowing IP ranges! MTN

The next question will be, what is the best and least resource intensive way to block an IP range, using IQ Block or Wordfence if a person is running both? Or does it matter?

@mtn “Sunrise, yes, some hackers go to the trouble of using a VPN, but most do not bother attacking low value sites that way. I get super results from country blocking, saves me hundreds of dollars in bandwidth I’d otherwise pay for.”

I’m glad you’re saving bandwidth cost, but my concern is more about security. Hackers definitely do use VPNs, proxies, US-based data centers and so on to attempt attacks against large numbers of US sites. Any site has value to a hacker when it becomes part of a large botnet that can be leased or otherwise used for spam, malware delivery, or to pivot to other ISP hacks. Given how cheap bandwidth is these days, if you are paying that much you must have a very large site that would be a juicy target for hackers.

For security purposes, I believe that blocking specific countries or IP ranges is not a great strategy.

I have a medium-large, monetized site that I make my living from. I’m of course constantly working to increase security and totally agree that hackers will do what they will. All I’m saying it that in any case, I get excellent results from country blocking and other measures that can indeed be bypassed but clearly are not bypassed in many cases, as in thousands. The benefits of blocking this are both in increased security and reduced bandwidth. Agree that any site can of course have value, but sites such as ours are mostly attacked by bots that can be programatically blocked, for example using country blocking. What I mean about a high value site is one that’s attractive to human personalized attacks, for example a bank, or large membership website. Sure, some guy in Ukraine could site for hours in his pajamas and try to personally break into our site, using a VPN, but I’m just not seeing those kinds of attacks, (and if they do happen we have four different types of backups). I don’t find bandwidth to be cheap, though sure, it’s not a medical bill ?? MTN

• This reply was modified 6 years, 9 months ago by mountainguy2.