I've got a website running from home that's private and not there for the world to see but actually for myself and some friends.
I checked the logs this weekend and noticed 9 or so attempts on the site with several vulnerability scanners.
So I'm trying to improve security. Using the robots.txt method, I've blocked access from user agents such as googlebots etc. I can see that this is working.
What I want to do now is block entire countries from accessing the site. I know about .htaccess and guess the easiest & most efficient way would be to put a single rule of;
"block ip address range of the world"
What can I do to simply allow UK (& if poss Ireland) IP access only, while keeping the bandwidth to a minimum.
I found a site that creates rules for you, but it seems a bit tacky, so I don't know wether to trust it.
I've added the htaccess file I'll be using with the full IP range list for the UK & Ireland from another source. Would .htaccess with the following code work? Or can you suggest a better method.
Note: Bear in mind I've excluded the majority of the code/ips on this page.
<Limit GET HEAD POST>
# Country: UNITED KINGDOM
# ISO Code: GB
# Total Networks: 3,691
# Total Subnets: 70,634,584
allow from 220.127.116.11/24
allow from 18.104.22.168/22
allow from 22.214.171.124/22
allow fr.................... - Several Hundred lines of ip's
# Country: IRELAND
# ISO Code: IE
# Total Networks: 221
# Total Subnets: 4,200,096
......................... - More ip's
allow from 126.96.36.199/20
deny from all