I run apache-2.4.46 on linux
In .htaccess file I have a long list of IP-subnets (over 500-subnets)
that I ban (mostly spammers).
But I've notices that my .htaccess prevent access to customers from IP
that are not on the ban list.
In the .htaccess the IP's are listed in numerical order, eg.:
<Files history.txt>
Require all denied
</Files>
<RequireAll>
Require all granted
# block spammers:
...
Require not ip 152.32.186.0/24
Require not ip 157.230.0.0/16
Require not ip 157.7.160.0/22
Require not ip 158.255.128.0/19
...
</RequireAll>
apache log:
157.55.39.252 - - [09/Feb/2021:17:04:33 -0700] "GET /product_info.php
HTTP/1.1" 403 199
The above user is from Microsoft Network
CIDR: 157.60.0.0/16, 157.54.0.0/15, 157.56.0.0/14
that does not appear on my list.
So why my configuration is blocking that user?
The apache .htaccess just blocked IP: 159.14.184.11
this is "Organization: The Children's Hospital of philadelphia"
CIDR: 159.14.0.0/16
and that CIDR is not on my list, why apache is locking it?
Do these IP subnets need to be sorted in order for them to work correctly?
I can post them here if somebody wants to test it, if it is OK. They
are just subdomains not an individual IP's.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@community.apache.org
For additional commands, e-mail: dev-h...@community.apache.org
