custom.d/blacklist-ips.conf

# EDIT THIS FILE AS YOU LIKE TO ADD OR REMOVE ANY BAD IP ADDRESSES OR IP RANGES YOU WANT TO BLOCK ###

##############################################################################
#        ___                 __                                              #
#       / _ | ___  ___ _____/ /  ___                                         #
#      / __ |/ _ \/ _ `/ __/ _ \/ -_)                                        #
#     /_/ |_/ .__/\_,_/\__/_//_/\__/                                         #
#        __/_/        __   ___       __     ___  __         __               #
#       / _ )___ ____/ /  / _ )___  / /_   / _ )/ /__  ____/ /_____ ____     #
#      / _  / _ `/ _  /  / _  / _ \/ __/  / _  / / _ \/ __/  '_/ -_) __/     #
#     /____/\_,_/\_,_/  /____/\___/\__/  /____/_/\___/\__/_/\_\\__/_/        #
#                                                                            #
##############################################################################

# This is merely an example and gets auto included as since Version 2.2017.05 introduced on 2017-04-19
# This file must exist on your system or Apache will fail a reload due to a missing file
# For all intents and purposes you can delete everything inside this file and leave it
# completely blank if you do not want your Apache Blocker to do any blocking of bad IP's

Require not ip 104.223.37.150
Require not ip 104.5.92.27
Require not ip 107.150.63.170
Require not ip 109.236.83.247
Require not ip 137.74.49.205
Require not ip 137.74.49.208
Require not ip 146.0.74.150
Require not ip 148.251.54.44
Require not ip 149.56.151.180
Require not ip 149.56.232.146
Require not ip 150.70.0.0/16
Require not ip 151.80.27.90
Require not ip 151.80.99.90
Require not ip 151.80.99.91
Require not ip 154.16.199.144
Require not ip 154.16.199.34
Require not ip 154.16.199.48
Require not ip 154.16.199.78
Require not ip 158.69.142.34
Require not ip 166.62.80.172
Require not ip 173.212.192.219
Require not ip 173.234.11.105
Require not ip 173.234.153.106
Require not ip 173.234.153.30
Require not ip 173.234.175.68
Require not ip 173.234.31.9
Require not ip 173.234.38.25
Require not ip 176.126.245.213
Require not ip 178.238.234.1
Require not ip 185.35.63.128
Require not ip 185.100.87.238
Require not ip 185.115.125.99
Require not ip 185.119.81.11
Require not ip 185.119.81.63
Require not ip 185.119.81.77
Require not ip 185.119.81.78
Require not ip 185.130.225.65
Require not ip 185.130.225.66
Require not ip 185.130.225.83
Require not ip 185.130.225.90
Require not ip 185.130.225.94
Require not ip 185.130.225.95
Require not ip 185.130.226.105
Require not ip 185.153.197.103
Require not ip 185.159.36.6
Require not ip 185.183.96.33
Require not ip 185.47.62.199
Require not ip 185.62.190.38
Require not ip 185.70.105.161
Require not ip 185.70.105.164
Require not ip 185.85.239.156
Require not ip 185.85.239.157
Require not ip 185.86.13.213
Require not ip 185.86.5.199
Require not ip 185.86.5.212
Require not ip 185.92.72.88
Require not ip 185.93.185.11
Require not ip 185.93.185.12
Require not ip 188.209.52.101
Require not ip 190.152.223.27
Require not ip 191.96.249.29
Require not ip 192.69.89.173
Require not ip 193.201.224.205
Require not ip 195.154.183.190
Require not ip 195.229.241.174
Require not ip 200.7.105.43
Require not ip 210.212.194.60
Require not ip 216.218.147.194
Require not ip 220.227.234.129
Require not ip 23.253.230.158
Require not ip 23.89.159.176
Require not ip 31.170.160.209
Require not ip 45.32.186.11
Require not ip 45.76.21.179
Require not ip 46.249.38.145
Require not ip 46.249.38.146
Require not ip 46.249.38.148
Require not ip 46.249.38.149
Require not ip 46.249.38.150
Require not ip 46.249.38.151
Require not ip 46.249.38.152
Require not ip 46.249.38.153
Require not ip 46.249.38.154
Require not ip 46.249.38.159
Require not ip 51.255.172.22
Require not ip 5.39.218.232
Require not ip 5.39.219.24
Require not ip 5.39.222.18
Require not ip 5.39.223.134
Require not ip 54.213.16.154
Require not ip 54.213.9.111
Require not ip 62.210.146.49
Require not ip 62.210.88.4
Require not ip 65.98.91.181
Require not ip 69.162.124.237
Require not ip 69.64.147.24
Require not ip 72.8.183.202
Require not ip 77.247.178.191
Require not ip 77.247.178.47
Require not ip 77.247.181.219
Require not ip 78.31.184.0/21
Require not ip 78.31.211.0/24
Require not ip 79.110.128.17
Require not ip 79.110.128.63
Require not ip 79.110.128.252
Require not ip 79.110.128.128
Require not ip 80.87.205.10
Require not ip 80.87.205.11
Require not ip 85.17.230.23
Require not ip 85.17.26.68
Require not ip 91.185.190.172
Require not ip 91.200.12.0/22
Require not ip 91.200.12.15
Require not ip 91.200.12.49
Require not ip 91.200.12.91
Require not ip 92.222.66.137
Require not ip 93.104.209.11
Require not ip 93.158.200.103
Require not ip 93.158.200.105
Require not ip 93.158.200.115
Require not ip 93.158.200.124
Require not ip 93.158.200.126
Require not ip 93.158.200.66
Require not ip 93.158.200.68
Require not ip 93.238.202.44

# Cyveillance / Qwest Communications / PSINET
# *******************************************
# I am extensively researching this subject - appears to be US government involved
# and also appears to be used by all sorts of law enforcement agencies. For one they
# do not obey robots.txt and continually disguise their User-Agent strings. Time will
# tell if this is all correct or not.
# For now see - https://en.wikipedia.org/wiki/Cyveillance

# IMPORTANT UPDATE ON Cyveillance / Qwest Communications !!!
# **********************************************************
# I have done a lot of research on Cyveillance now and through monitoring my logs I know
# for sure what companies are using them and what they are actually looking for.
# My research has led me to understand that Cyveillance services are used by hundreds
# of companies to help them dicsover theft of copyrighted materials like images, movies
# music and other materials. I personally believe a lot of block lists who originally recommended
# blocking Cyveillance have done so to protect their torrent or p2p sites from being scanned.
# I personally have now unblocked them as image theft is a big problem of mine but if you
# do want to allow Cyveillance you can simply modify the entries in the below from "Require not ip" to "Require ip"
# Getty Images is one such company who appears to use Cyveillance to help monitor for copyright theft.

# Use this section at YOUR OWN RISK, you may block some legitimate networks but after many hours of
# Research this is now the completely updated list of all IP ranges IPV4 and IPV6 owned Qwest Communications
# PSINET and Cyveillance.

# IMPORTANT NOTE: If you really want to keeps bot and things out of certain parts of your web site
# Rather implement a comlex Google Re-Captcha to reach sections of your sites and for people to be able
# to access download links. Google Re-Captcha with images is too complex for any bot.

# Only uncomment the lines below if you want to block these ranges otherwise rather just leave it as is.

#Require not ip 4.17.135.32/27
#Require not ip 38.0.0.0/8
#Require not ip 63.144.0.0/13
#Require not ip 65.112.0.0/12
#Require not ip 65.192.0.0/11
#Require not ip 65.213.208.128/27
#Require not ip 65.222.176.96/27
#Require not ip 65.222.185.72/29
#Require not ip 206.2.138.0/23
#Require not ip 208.71.164.0/22

# BERKELEY SCANNER
# ****************
# The Berkeley University has a scanner testing all over the web sending a complex
# payload an expecting a reply from servers who are infected or who just respond to such
# a payload. The payload looks similar to this
# "$\xC9\xE1\xDC\x9B+\x8F\x1C\xE71\x99\xA8\xDB6\x1E#\xBB\x19#Hx\xA7\xFD\x0F9-"
# and is sometime VERY long. You may have noticed this in your logs.
# I support research projects and all my servers respond with an error to this type of
# string so I do not block them but if you want to block just uncomment the following line
# or email them asking them not to scan your server. They do respond.
# Visit http://169.229.3.91/ for more info

# If you really do want to block them uncomment the line below.

#Require not ip 169.229.3.91