Blocking via CIDR notation – why it is needed

  • Resolved batteriesInc

    (@batteriesinc)


    2 years, 9 months ago

    I really think you should find a way to implement CIDR notation for blakcklisting IP addresses. I know it’s been about 2 years since you last had a question on it, but I’m afraid I have to revive it.

    (1) the problem with .htaccess based filtering of the bad guys it is that
    every.
    single.
    line.
    you.
    add.
    slows.
    your.
    site.
    down.
    .. which is why it is often better to block a whole IP range instead of individual offenders.

    (2) if you identify a serial offender provider like OVH and start to dig out their RIPE allocations you discover that they have scattered their allocations over more than 1950 entries which makes filtering them hard until you rework that mess back into something more practical like CIDRs. Unless, of course, you like having a slow site..

    In general, you can pretty much exclude any major hoster without any impact on true site vistors, because they’re humans, not hosted computers, but to do that efficiently without immediately bumping into issue (1) as above is using CIDR notation. The .htaccess file supports it.

    • This topic was modified 2 years, 9 months ago by batteriesInc.
Viewing 1 replies (of 1 total)
  • Plugin Contributor Prashant Baldha

    (@pmbaldha)

    Hi @batteriesinc,

    We are thankful for your suggestion.

    We are developing PHP based IP blocking features and getting rid of Block IP from .htaccess. In it, We would like to introduce the IP rage block feature. I have put the IP rage block feature in our internal project management system. We eventually work on the task priority-based.

    Thank You!

Viewing 1 replies (of 1 total)
  • The topic ‘Blocking via CIDR notation – why it is needed’ is closed to new replies.