# EDIT THIS FILE AS YOU LIKE TO ADD OR REMOVE ANY BAD IP ADDRESSES OR IP RANGES YOU WANT TO BLOCK ### ############################################################################## # ___ __ # # / _ | ___ ___ _____/ / ___ # # / __ |/ _ \/ _ `/ __/ _ \/ -_) # # /_/ |_/ .__/\_,_/\__/_//_/\__/ # # __/_/ __ ___ __ ___ __ __ # # / _ )___ ____/ / / _ )___ / /_ / _ )/ /__ ____/ /_____ ____ # # / _ / _ `/ _ / / _ / _ \/ __/ / _ / / _ \/ __/ '_/ -_) __/ # # /____/\_,_/\_,_/ /____/\___/\__/ /____/_/\___/\__/_/\_\\__/_/ # # # ############################################################################## # This is merely an example and gets auto included as since Version 2.2017.05 introduced on 2017-04-19 # This file must exist on your system or Apache will fail a reload due to a missing file # For all intents and purposes you can delete everything inside this file and leave it # completely blank if you do not want your Apache Blocker to do any blocking of bad IP's Require not ip 104.223.37.150 Require not ip 104.5.92.27 Require not ip 107.150.63.170 Require not ip 109.236.83.247 Require not ip 137.74.49.205 Require not ip 137.74.49.208 Require not ip 146.0.74.150 Require not ip 148.251.54.44 Require not ip 149.56.151.180 Require not ip 149.56.232.146 Require not ip 150.70.0.0/16 Require not ip 151.80.27.90 Require not ip 151.80.99.90 Require not ip 151.80.99.91 Require not ip 154.16.199.144 Require not ip 154.16.199.34 Require not ip 154.16.199.48 Require not ip 154.16.199.78 Require not ip 158.69.142.34 Require not ip 166.62.80.172 Require not ip 173.212.192.219 Require not ip 173.234.11.105 Require not ip 173.234.153.106 Require not ip 173.234.153.30 Require not ip 173.234.175.68 Require not ip 173.234.31.9 Require not ip 173.234.38.25 Require not ip 176.126.245.213 Require not ip 178.238.234.1 Require not ip 185.35.63.128 Require not ip 185.100.87.238 Require not ip 185.115.125.99 Require not ip 185.119.81.11 Require not ip 185.119.81.63 Require not ip 185.119.81.77 Require not ip 185.119.81.78 Require not ip 185.130.225.65 Require not ip 185.130.225.66 Require not ip 185.130.225.83 Require not ip 185.130.225.90 Require not ip 185.130.225.94 Require not ip 185.130.225.95 Require not ip 185.130.226.105 Require not ip 185.153.197.103 Require not ip 185.159.36.6 Require not ip 185.183.96.33 Require not ip 185.47.62.199 Require not ip 185.62.190.38 Require not ip 185.70.105.161 Require not ip 185.70.105.164 Require not ip 185.85.239.156 Require not ip 185.85.239.157 Require not ip 185.86.13.213 Require not ip 185.86.5.199 Require not ip 185.86.5.212 Require not ip 185.92.72.88 Require not ip 185.93.185.11 Require not ip 185.93.185.12 Require not ip 188.209.52.101 Require not ip 190.152.223.27 Require not ip 191.96.249.29 Require not ip 192.69.89.173 Require not ip 193.201.224.205 Require not ip 195.154.183.190 Require not ip 195.229.241.174 Require not ip 200.7.105.43 Require not ip 210.212.194.60 Require not ip 216.218.147.194 Require not ip 220.227.234.129 Require not ip 23.253.230.158 Require not ip 23.89.159.176 Require not ip 31.170.160.209 Require not ip 45.32.186.11 Require not ip 45.76.21.179 Require not ip 46.249.38.145 Require not ip 46.249.38.146 Require not ip 46.249.38.148 Require not ip 46.249.38.149 Require not ip 46.249.38.150 Require not ip 46.249.38.151 Require not ip 46.249.38.152 Require not ip 46.249.38.153 Require not ip 46.249.38.154 Require not ip 46.249.38.159 Require not ip 51.255.172.22 Require not ip 5.39.218.232 Require not ip 5.39.219.24 Require not ip 5.39.222.18 Require not ip 5.39.223.134 Require not ip 54.213.16.154 Require not ip 54.213.9.111 Require not ip 62.210.146.49 Require not ip 62.210.88.4 Require not ip 65.98.91.181 Require not ip 69.162.124.237 Require not ip 69.64.147.24 Require not ip 72.8.183.202 Require not ip 77.247.178.191 Require not ip 77.247.178.47 Require not ip 77.247.181.219 Require not ip 78.31.184.0/21 Require not ip 78.31.211.0/24 Require not ip 79.110.128.17 Require not ip 79.110.128.63 Require not ip 79.110.128.252 Require not ip 79.110.128.128 Require not ip 80.87.205.10 Require not ip 80.87.205.11 Require not ip 85.17.230.23 Require not ip 85.17.26.68 Require not ip 91.185.190.172 Require not ip 91.200.12.0/22 Require not ip 91.200.12.15 Require not ip 91.200.12.49 Require not ip 91.200.12.91 Require not ip 92.222.66.137 Require not ip 93.104.209.11 Require not ip 93.158.200.103 Require not ip 93.158.200.105 Require not ip 93.158.200.115 Require not ip 93.158.200.124 Require not ip 93.158.200.126 Require not ip 93.158.200.66 Require not ip 93.158.200.68 Require not ip 93.238.202.44 # Cyveillance / Qwest Communications / PSINET # ******************************************* # I am extensively researching this subject - appears to be US government involved # and also appears to be used by all sorts of law enforcement agencies. For one they # do not obey robots.txt and continually disguise their User-Agent strings. Time will # tell if this is all correct or not. # For now see - https://en.wikipedia.org/wiki/Cyveillance # IMPORTANT UPDATE ON Cyveillance / Qwest Communications !!! # ********************************************************** # I have done a lot of research on Cyveillance now and through monitoring my logs I know # for sure what companies are using them and what they are actually looking for. # My research has led me to understand that Cyveillance services are used by hundreds # of companies to help them dicsover theft of copyrighted materials like images, movies # music and other materials. I personally believe a lot of block lists who originally recommended # blocking Cyveillance have done so to protect their torrent or p2p sites from being scanned. # I personally have now unblocked them as image theft is a big problem of mine but if you # do want to allow Cyveillance you can simply modify the entries in the below from "Require not ip" to "Require ip" # Getty Images is one such company who appears to use Cyveillance to help monitor for copyright theft. # Use this section at YOUR OWN RISK, you may block some legitimate networks but after many hours of # Research this is now the completely updated list of all IP ranges IPV4 and IPV6 owned Qwest Communications # PSINET and Cyveillance. # IMPORTANT NOTE: If you really want to keeps bot and things out of certain parts of your web site # Rather implement a comlex Google Re-Captcha to reach sections of your sites and for people to be able # to access download links. Google Re-Captcha with images is too complex for any bot. # Only uncomment the lines below if you want to block these ranges otherwise rather just leave it as is. #Require not ip 4.17.135.32/27 #Require not ip 38.0.0.0/8 #Require not ip 63.144.0.0/13 #Require not ip 65.112.0.0/12 #Require not ip 65.192.0.0/11 #Require not ip 206.2.138.0/23 #Require not ip 208.71.164.0/22 # BERKELEY SCANNER # **************** # The Berkeley University has a scanner testing all over the web sending a complex # payload an expecting a reply from servers who are infected or who just respond to such # a payload. The payload looks similar to this # "$\xC9\xE1\xDC\x9B+\x8F\x1C\xE71\x99\xA8\xDB6\x1E#\xBB\x19#Hx\xA7\xFD\x0F9-" # and is sometime VERY long. You may have noticed this in your logs. # I support research projects and all my servers respond with an error to this type of # string so I do not block them but if you want to block just uncomment the following line # or email them asking them not to scan your server. They do respond. # Visit http://169.229.3.91/ for more info # If you really do want to block them uncomment the line below. #Require not ip 169.229.3.88/29