The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Blocking RIPE, APNIC, AFRINIC, and LACNIC

Discussion in 'Security' started by GoWilkes, May 9, 2017.

  1. GoWilkes

    GoWilkes Well-Known Member

    Joined:
    Sep 26, 2006
    Messages:
    395
    Likes Received:
    5
    Trophy Points:
    168
    cPanel Access Level:
    Root Administrator
    Most of the sites on my server only target US traffic, but a few deal with international so I can't really block through the firewall. Currently, I have a MySQL table with a series of IP ranges listed, and I allow each user to access that table in their header and deny access to any IP within a found range, which saves a lot of server stress but it doesn't help prevent spam (unfortunately).

    I'm pasting below the IP ranges that are being blocked. I'm concerned about the list staying updated, though... I had one local internet provider that started using what used to be a foreign IP range, so now I worry that I need to access an up-to-date public database somewhere.

    So the first question is, can you guys recommend a way to block RIPE, APNIC, AFRINIC, and LACNIC IPs on a site level? And, if possible, on an email level?

    If not, what are your thoughts on permanently blocking the following IP ranges? If it's not a good idea, do you know of a public database I can use instead of gathering them locally?

    Code:
    # Russia .ru
    89.0.0.0/8
    
    # RIPE.NET (Europe, the Middle East and parts of Central Asia)
    62.0.0.0/8
    77.0.0.0/8
    78.0.0.0/8
    79.0.0.0/8
    80.0.0.0/8
    81.0.0.0/8
    82.0.0.0/8
    83.0.0.0/8
    84.0.0.0/8
    85.0.0.0/8
    86.0.0.0/8
    87.0.0.0/8
    88.0.0.0/8
    89.0.0.0/8
    90.0.0.0/8
    91.0.0.0/8
    193.0.0.0/8
    194.0.0.0/8
    195.0.0.0/8
    212.0.0.0/8
    213.0.0.0/8
    217.0.0.0/8
    
    # APNIC (Asian Pacific Network Information Center)
    58.0.0.0/8
    59.0.0.0/8
    60.0.0.0/8
    61.0.0.0/8
    202.0.0.0/8
    203.0.0.0/8
    210.0.0.0/8
    211.0.0.0/8
    218.0.0.0/8
    219.0.0.0/8
    220.0.0.0/8
    221.0.0.0/8
    222.0.0.0/8
    116.0.0.0/8
    117.0.0.0/8
    118.0.0.0/8
    119.0.0.0/8
    120.0.0.0/8
    121.0.0.0/8
    122.0.0.0/8
    123.0.0.0/8
    124.0.0.0/8
    125.0.0.0/8
    126.0.0.0/8
    
    # LACNIC (Latin American and Caribbean Network Information Center)
    189.0.0.0/8
    190.0.0.0/8
    200.0.0.0/8
    201.0.0.0/8
    
    # Other
    141.0.0.0/8
    88.0.0.0/8
    85.0.0.0/8
     
  2. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    37,064
    Likes Received:
    1,287
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Hello,

    You can use the "Blacklisted SMTP IP addresses" option under "Access Lists" in "WHM >> Exim Configuration Manager >> Basic Editor" if you'd like to block full IP ranges. As far as at the domain level, you'd need to utilize an .htaccess file to do this:

    How to Block an IP address range using the .htaccess file

    This third-party URL includes some links to public databases:

    How do I block a country using .htaccess

    Thank you.
     
Loading...

Share This Page