Block Access from a Range of IP Addresses

There are some guys from certain locales who keep posting spamming comments to my web site on a daily basis. Although most of them were caught automatically and won’t be shown, yet some of the spammers spam so frequently with very big posts, it’s really annoying to delete these periodically in order to avoid the waste of resourses.

Analyzing the IP addresses of these spammers, we can find that some of the most active spammers use a different IP address every time (they may intentionally use dynamic IP address provided by their ISP’s), so that you can hardly block them, for enumerating all the IP addresses in config files of Apache or firewall is very tedious. But fortunately, all these IP addresses belong to the same IP range (I think that the spammer didn’t use a proxy), and normal internet surfers from this IP range are hardly willing to browse my web site due to language / locale / interest reasons. So we can simply block the access from all IP addresses in this range. For this reason, I created this “IP Range Calculator” online tool to make this process easier: it does the tedious IP address mask & CIDR calculation and generates firewall commands as well as proper lines for Apache’s config file.

Here is a real example. Note that I don’t have any discrimination to people or IP addresses in this range, just as I said, a real surfer from this range won’t actually browse my web site, and the only ones who do access my web site are usually spammers. So it’s not unfair to restrict access from this range.

First, get one of the most frequent spammer’s IP addresses:

Then use “whois” service to get the IP range:

Now launch the “IP Range Calculator“, enter the IP range got from whois, and click “Calculate” button. Then the calculation result is used to generate related firewall commands and lines for Apache config file to block the IP addresses. You can use either of them according to your needs.

Post a Comment

Your email is never published nor shared. Required fields are marked *
*
*