I want to block all IP Addresses starting like this 2a01:598:xxx
in my .htaccess
file on my WordPress website.
But everytime I edit my .htaccess
file I can't visit my website anymore. I get an Internal Server Error.
And the end of my .htaccess
file after # END WordPress
I added the Code:
Require all granted
Require not ip 2a01:598:
I also tried this variation:
Require all granted
Require not ip 2a01:598:::
But nothing worked. Even when I try to block my own IPv4 Address like this:
Require all granted
Require not ip 11.222.33.444 (with my IP instead)
I get a 500 Internal Server Error?
I don't know what to do. I just want to block all IP-Addresses starting like this 2a01:598:
in my .htaccess
file.
Best Answer
If you get a 500 Internal Server Error you need to check your server's error log for details of the error. The 500 status is simply a catch-all response returned to the client because of some specific server error.
There are a number issues here that result in errors...
In both these cases, the specified IPv6 addresses
2a01:598:
and2a01:598:::
are not valid - hence the 500 error response. You could use2a01:598::
(2 colons), but that is short for the specific IPv6 address2a01:598:0:0:0:0:0:0
, which is not what you require.With IPv4 addresses, Apache allows you to use partial IP addresses (whole octets), eg.
203.0.113
(no trailing dot). For IPv6 addresses, you might expect2a01:598
to be permitted, however, this does not appear to be supported as this again results a 500 response and the "The specified IP address is invalid" error being logged.To specify an IPv6 address range you need to use CIDR notation. For example, to specify the range of IPs that "start
2a01:598:
", you would need to use2a01:598::/32
using CIDR notation (example).When you specify multiple
Require
directives in this way, Apache defaults to a<RequireAny>
container. Negated directives (ie.Require not
) are not permitted in a<RequireAny>
container; hence the 500 error. ("negative Require directive has no effect in<RequireAny>
directive" being logged as the error.) You need to explicitly use the<RequireAll>
container here.Reference:
Solution
So, you would need to do something like the following instead:
Logically, this should go near the top of your
.htaccess
file, before the# BEGIN WordPress
comment marker. Blocking directives should be first. However, it probably doesn't matter (because of the way Apache processes different modules).