htaccess issue with denying ip range

LawsHosting · Feb 16, 2010

Offtopic regarding DA.....but......

I have a directory website, and 2 days ago I noticed 1,000's of submissions, which, to my knowledge is some sort of automatic submission software.
So I look at the logs to find that its from The Planet:

29.c6.7bae.static.theplanet.com - - [16/Feb/2010:21:48:20 +0000] "POST /blah HTTP/1.1" 302 396 "-" "-"
f4.c1.7bae.static.theplanet.com - - [16/Feb/2010:21:48:22 +0000] "POST /blah HTTP/1.1" 302 396 "-" "-"
ed.c3.7bae.static.theplanet.com - - [16/Feb/2010:21:48:23 +0000] "POST /blah HTTP/1.1" 302 396 "-" "-"
.....
like 100's of random hostnames

....however, I blocked the IP range for them:

deny from 174.120.0.0 - 174.123.255.255
and
deny from *.theplanet.com

that didnt work (why?), so I did a whois for those hostnames, and found they have different ip's i.e 29.c6.7bae.static.theplanet.com = 208.187.80.135 ......

My question is this, why didn't blocking *.theplanet.com work?

As a temp measure, I had to use:

PHP:

   if ($_SERVER['HTTP_REFERER'] == "") {
      inl_header("http://www.spam.com");
      exit();
   }

I know its a crude way......I'll add a captcha in due course.

Any insights?

jissh · Feb 17, 2010

Try this.

Code:

deny from 174.120.0.0/14
deny from .theplanet.com

jissh · Feb 17, 2010

I corrected the above code. Had a typo... This should work for you.

scsi · Feb 17, 2010

Do deny lines require order ones as well? Or can you just use deny?

Example:

Code:

Order Deny, Allow
Deny from 174.120.0.0/14
Deny from .theplanet.com
Allow from all

LawsHosting · Feb 17, 2010

jissh said:
I corrected the above code. Had a typo... This should work for you.

It worked. cheers. I can never understand the /16, /24, etc after the IP

I always do 'deny from IP - IP', which normally works.

I also sent them an abuse report

jissh · Feb 17, 2010

scsi said:
Do deny lines require order ones as well? Or can you just use deny?

Example:

Code:

Order Deny, Allow Deny from 174.120.0.0/14 Deny from .theplanet.com Allow from all

Any examples I've seen of deny lines show them as you've written scsi. However I've noticed that it is not necessary when denying an I.P. or host name.

tomydurden · Feb 17, 2010

Peter Laws said:
I also sent them an abuse report

Thanks and keep those abuse reports coming in! It really helps us track down the spam/compromised servers and work with our customers in clearing those up!

scsi · Feb 17, 2010

jissh said:
Any examples I've seen of deny lines show them as you've written scsi. However I've noticed that it is not necessary when denying an I.P. or host name.

Ok I was just curious.

htaccess issue with denying ip range

LawsHosting

Verified User

jissh

Verified User

jissh

Verified User

scsi

Verified User

LawsHosting

Verified User

jissh

Verified User

tomydurden

New member

scsi

Verified User