- edit apache conf to use blacklist using command
/etc/apache2/apache2.conf
. add the following lines:# Block ip addresses in our ipblacklist.conf file <Location /> <RequireAll> Require all granted Include /etc/apache2/ipblacklist.conf </RequireAll> </Location>
- create/edit blacklist file using the command
sudo nano /etc/apache2/ipblacklist.conf
. for each address you want to block, create a line withRequire not ip <address>
, e.g.,Require not ip 101.230.240.3
. You can also add multiple addresses on one line separated by spaces, but it's harder to change/manage later.
(thanks to https://confluence.jaytaala.com/display/TKB/Securing+Apache+and+blocking+a+list+of+ip+addresses)