在 htaccess 中使用 mod 访问阻止多个 ip 范围 [英] Blocking multiple ip ranges using mod access in htaccess

问题描述

我从 apache 站点阅读了指南，但我有点困惑，我正在尝试使用以下语法禁止某些范围:

<前>命令允许，拒绝拒绝来自 127.0.55.0/127.0.75.255拒绝来自 127.0.235.0/127.0.255.255允许所有人

但我认为它不能正常工作，可能是语法错误或我使用方式错误，我应该在htaccess中在哪里写这段文字?在其他行之前还是之后?在同一个 htaccess 文件中，也有一些 mod 重写脚本(用于反盗链).

解决方案

我使用 apache 文档.

您可以使用 ip/netmask 对指定地址范围:

拒绝来自 127.0.55.0/24

但是，由于范围 55 - 75 不是 2 的幂，我不知道如何从它们中提取范围.我会添加几个规则.

订单允许，拒绝拒绝来自 127.0.55.0/24//匹配 55拒绝从 127.0.56.0/21//匹配 56 到 64拒绝来自 127.0.64.0/21//匹配 64 到 71拒绝从 127.0.72.0/22//匹配 72 到 75拒绝来自 127.0.235.0/24//匹配 235deny from 127.0.236.0/22//匹配 236 到 239deny from 127.0.240.0/21//匹配 240 到 255允许所有人

应该可以.

注意:在粘贴到 htaccess 之前删除 // 之后的注释

I read the guide from apache site but I'm a bit confused, I'm trying to ban some ranges using this syntax:

order allow,deny
deny from 127.0.55.0/127.0.75.255
deny from 127.0.235.0/127.0.255.255
allow from all

But I think it's not working properly, probably the syntax is wrong or I'm using it in the wrong way, where should I write this text in htaccess? before the other lines or after? in the same htaccess file there're some mod rewrite script too (for anti-hotlinking).

解决方案

I've come to this answer using apache documentation.

You can give an address range using ip/netmask pair :

deny from 127.0.55.0/24

However, since range 55 - 75 are not power of two, I don't see how to make a range out of them. I'd add several rules.

order allow,deny
deny from 127.0.55.0/24  // Matches 55
deny from 127.0.56.0/21  // Matches 56 to 64
deny from 127.0.64.0/21  // Matches 64 to 71
deny from 127.0.72.0/22  // Matches 72 to 75

deny from 127.0.235.0/24 // Matches 235
deny from 127.0.236.0/22 // Matches 236 to 239
deny from 127.0.240.0/21 // Matches 240 to 255
allow from all

should work.

NB: Remove the comments after // before pasting into htaccess

这篇关于在 htaccess 中使用 mod 访问阻止多个 ip 范围的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！