IP blacklist by subnet

  • Resolved datlicht

    (@datlicht)


    6 years ago

    Hi folks,

    how can I blacklist IPs by subnet or at least IP ranges, e.g.
    123.123.123.80/28
    123.123.123.80-123.123.123.95
    123.123.123.123/255.255.255.0

    Why? because…
    – just blacklisting it with 123.123.123.* is not the same
    – .htaccess does support regex
    – .htaccess does support subnets
    – .htaccess does support net masks

    For a list of valid IP directive syntaxes, see here:
    https://htaccessbook.com/block-ip-address/

    But such entries are treated as invalid when entering it in an IP box (no matter if blacklist or whitelist). For me, it looks like a bug.

Viewing 1 replies (of 1 total)
  • Plugin Contributor wpsolutions

    (@wpsolutions)

    Hi @datlicht,
    The current convention is not perfect (I agree with you), but it is a simple preliminary solution which people can use in the meantime until this is improved.
    It currently works as follows:
    If you entered the following in the blacklist settings:
    46.20.144.*

    then this will translate to the following in the .htaccess file:

    46.20.144.0/24

    Another example:
    69.63.*.* => 69.63.0.0/16

    Yes I agree with what you’re saying regarding being able to blacklist using exact CIDR notation because it gives the user finer granularity which is why I have this on the todo list which will be implemented soon.

Viewing 1 replies (of 1 total)
  • The topic ‘IP blacklist by subnet’ is closed to new replies.