these chinese spammer/hackers are driving me NUTS! I've tried all kinds of htaccess options to block china, and none have worked. Here is a sampling of the offending ip addresses. Maybe they are too new to be in the existing lists or something. Can someone help me out?
that doesn't work unfortunately it seems like ... here are some of the offending ip addresses: any other ideas?
If you want to block 202.46.ALL.ALL, the CIDR would be 18.104.22.168/16 and you'd just add that range to the existing list. I'm not sure which .htaccess methods you've attempted so far but this is one you can try if you need to.
| John Edel • Jetfire Networks L.L.C. • Trusted Hosting Solutions
| Consistent, Reliable, Stable OpenVZ & KVM Virtual Private Servers
| SpamWall AV & Full SMTP Filtering • Now an SSLStore Titanium Partner!
If you do a block of 22.214.171.124/16 it should fix the problem since it seems to only be segregated to that /16 block. Blocking the whole /16 might be excessive. But if the traffic is useless to you anyway, it might save a headache
| ServerHub | an INC 500 Company | Enterprise Dedicated and Cloud Solutions Built for Scale | | AS62904: Dallas TX | Chicago IL | New York NY || AS30693: Phoenix AZ | Seattle WA | AS49532: Frankfurt DE | [email protected] |
If you're being specifically targeted by that IP range, they'll likely just pop up under a new IP after you block the original range. Addressing the vulnerabilities they're seeking to exploit would be better. If it's a client site and you can't make the appropriate upgrades, it'd definitely be worth your time implementing a robust set of mod_security rules.
▄▀▄ Brian Harrison, Lead Engineer - Reprise Hosting (AS62838)
▄▀▄ Deals on cheap dedicated server hosting.IPMI included!Unmetered bandwidth.
▄▀▄ Website migration, 24/7/365 support, basic server setup, 15 day money back.
▄▀▄ Looking for DEALS on self-managed cheap VPS hosting? Visit VPSHostingDEAL.com
Since it is not possible to use CSF or any other firewall on CloudSites, you're pretty limited in what you can do.
One very effective way to block entire countries is with CloudFlare. You can enter a country (CN, RU, VN, etc) in the threat page and visitors the entire country will be presented with a CAPTCHA page. Those spammers are almost certainly bots so they will go away.