Ive found a trend in locations sites get abused from so now its tim eto block them. Easy I thought, just block the IP ranges a host owns.


<Limit GET HEAD POST>
order allow,deny
deny from 66.225.201.0/24
deny from 66.225.253.0/24
...
...
...
allow from all
</LIMIT>


I would like to take this up a notch and block by host name mask but cant find anything about this.

I would like to block access from any site containing host in its domain name. The reason behind this is to block all access from compromised webhosting companies running web proxies. I see no reason why a real human would purchase using a webhosting address.

deny from *.*hosting.*
deny from *.*host.*

Block any.anyHOSTING.any
Block any.anyHOST.any
Block any.anyHOSTS.any

Can this be done?

Deny/Allow from A (partial) domain-name

From http://httpd.apache.org/docs/1.3/mod/mod_access.html


Example:

Allow from apache.org

Hosts whose names match, or end in, this string are allowed access. Only complete components are matched, so the above example will match foo.apache.org but it will not match fooapache.org. This configuration will cause the server to perform a double reverse DNS lookup on the client IP address, regardless of the setting of the HostnameLookups directive. It will do a reverse DNS lookup on the IP address to find the associated hostname, and then do a forward lookup on the hostname to assure that it matches the original IP address. Only if the forward and reverse DNS are consistent and the hostname matches will access be allowed.

totally missed the point
Im looking for contain

deny all sites containing xyz not ending as you pointed out