Deny IP Range (CIDR notation)

Topics: User Forum
Feb 27, 2010 at 3:31 AM

With .htaccess, we can do something like:

deny from
deny from

I am wondering if we can do the same with IIRF or are we limited to RegEx format.  If we are limited to RegEx, does anyone know if there is a quick converter to bulk-parse CIDR to RegEx?


Feb 28, 2010 at 3:37 AM

Yes, you have to check the examples

There are some examples of blocking requests by IP Address.

Feb 28, 2010 at 4:08 PM

Thank you for your reply.

However, what if I have a list of over 500+ IP ranges in CIDR notation in different size.

To be exact, I wish to block my website from access from Australia using the information found in this website:

If IIRF only support blocking by RegEx (and not CIDR), then I will have to convert all 500+ lines of CIDR notations to RegEx, right?

Mar 1, 2010 at 7:08 PM

Yes.  Or, you could also use a RewriteMap, a feature that was added to IIRF in v2.1.   (Check the docs)

One way or the other, the list of banned IPs has to be available.

As far as bulk-parsing, it should be a simple Perl script.  If you don't write perl, try  You can contract out mini programming jobs, quickly.