Blocking an IP Range using .htaccess

I’ve decided to block all traffic from all McColo Corporation users.

Not all are guilty I’m sure, but I just got hit by one of their customers called “Digital Infinity”, reportedly a Moscow based company.  I was crawled repeatedly by IP 12 IP addresses within the 208.66.195.1-208.66.195.20 range.  Now, <100mb of transfers isn't so much to loose over a couple days, but it's enough to catch my eye.  Looking up one of those IP addresses shows McColo Corporation has leased 208.66.195.1-208.66.195.15 to “Digital Infinity”.  However, several of the IP addresses that scanned me are within McColo Corporation generic pool.  I’ve also seen posts related McColo Corporation’s 208.66.192.* range being a major source of WordPress comment spam.

So, guys, you’re outta here.

I’m blocking them via .htaccess.  I suggest you might want to do the same for at least 208.66.195.1-208.66.195.20 if you’re feeling more charitable than I am this morning.

Since they have four groups of addresses, I add four lines to my .htaccess file.  As a whole, that section now looks something like this:

[html]

order allow,deny
deny from 208.66.192
deny from 208.66.193
deny from 208.66.194
deny from 208.66.195
allow from all

[/html]

5 Comments

Add a Comment

Your email address will not be published. Required fields are marked *