If I'm not mistaken, there's a trick to reducing duplicate content in .htaccess. So like in the above code box, it could be simplified by separating CIDR addresses by a space:

On our host, the editor seems to have an auto-correction on it, which, when I grouped thousands of CIDR addresses into one string, burped. Splitting them out, I found that something up to 658 CIDRs was acceptable per 'Deny from' starting string. Your server may vary, but expressing these without all the single-row Deny from text strings will cut down substantially on this file's size as your battle with the cyber enemies rages on.
The trick to organization is the same as with the single row Deny from lines, keeping them in order (as above) and using the search function to look for duplicates when adding new ones.
For those using Cloudflare too, many of the CIDR addresses can be removed from your host's .htaccess file, because CF can block groups of CIDRs based on an offender's AS number or Autonomous System Number. So, for the Goodbye-Alibaba example, you'd set a WAF block rule with AS NUM equals 45102 or in true expression form: (ip.src.asnum eq 45102). Then, no matter how minute of a CIDR they own, every one of them that's associated with AS45102 gets blocked before it ever sees any forum page on your host. It cuts way down on traffic that way, both 403 responses and any requests that would filter past your individual .htaccess CIDRs.
;)
Code:
```
# Goodbye alibaba
Order Allow,Deny
Deny from 47.74.0.0/15 47.76.0.0/14 47.80.0.0/13 47.235.0.0/16 47.236.0.0/14 47.240.0.0/14 47.244.0.0/15 47.246.0.0/16
Allow from all
```
Statistics: Posted by SQLnovice — Tue May 13, 2025 5:22 am
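The clean-up described in the post (grouping single-row entries, keeping them in order, and catching duplicates), as an added example that is not part of the original post. The function name `consolidate`, the `SAMPLE` input and the hostname in it are constructed for illustration; the default of 658 entries per line is the figure the poster reports for their own host and may differ on yours.

```python
import ipaddress
import re

# Apache 2.2-style "Deny from" line carrying one or more space-separated entries.
DENY_RE = re.compile(r"^\s*Deny\s+from\s+(.+?)\s*$", re.IGNORECASE)

# Constructed sample: single-row entries, out of order, with one exact
# duplicate, one subnet already covered by a wider block, and one hostname.
SAMPLE = """\
# Goodbye alibaba
Order Allow,Deny
Deny from 47.76.0.0/14
Deny from 47.74.0.0/15
Deny from 47.76.0.0/14
Deny from 47.77.0.0/16
Deny from 47.235.0.0/16
Deny from example.invalid
Allow from all
"""

def consolidate(htaccess_text, per_line=658):
    """Return (grouped 'Deny from' lines, entries that are not CIDRs)."""
    nets, skipped = [], []
    for line in htaccess_text.splitlines():
        match = DENY_RE.match(line)
        if not match:
            continue  # comments, Order and Allow lines are not touched
        for token in match.group(1).split():
            try:
                # strict=False tolerates host bits set, e.g. 47.74.1.0/15
                nets.append(ipaddress.ip_network(token, strict=False))
            except ValueError:
                skipped.append(token)  # hostnames, "all", partial IPs: review by hand
    merged = []
    for version in (4, 6):  # collapse_addresses cannot mix IPv4 and IPv6
        same = [n for n in nets if n.version == version]
        # Sorts, drops duplicates and folds covered or adjacent blocks together
        merged.extend(ipaddress.collapse_addresses(same))
    grouped = [
        "Deny from " + " ".join(str(n) for n in merged[i:i + per_line])
        for i in range(0, len(merged), per_line)
    ]
    return grouped, skipped

if __name__ == "__main__":
    lines, review = consolidate(SAMPLE, per_line=2)
    print("\n".join(lines))
    print("review by hand:", review)
```

Entries returned in the second list are not rewritten, so they need to be carried over to the new file manually.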