Block China and Korea From Apache Based Servers or Forums with a .htaccess Blocklist

The IP addresses and CIDR ranges in this blocklist deny Apache based server access to most of China and Korea.

Compiled by Wizcrafts Computer Services (see website links in footer)

We publish additional .htaccess blocklists to block spammers, scammers, hackers and exploited servers.

See our other .htaccess blocklists: Exploited Servers Blocklist | Nigerian Blocklist | Russian Blocklist | South American Blocklist

These IP blocklists are also available in iptables format, for use in Linux based firewalls.

SpamArrest stops 100% of email spam

If you are just trying to block scams and spam from your email inbox, read this section.

Apache web servers use a special access control file named .htaccess, which uses a combination of directives to allow or deny access to files or folders on the server. The .htaccess file is also used to create custom redirect rules for files, folders and entire websites that have been moved, deleted, or are temporarily or permanently gone. The proper location for your .htaccess file is in the web root. This is typically a directory named public_html, or web, depending on your hosting company.

If you are running an Apache Server based website or forum that is plagued by Chinese or Korean spammers, or exploiters, adding this DENY FROM list to your .htaccess file, in the web-root of your server, will block access to any person (or spam server) covered by a CIDR in this list. This includes compromised or hijacked web and mail servers, Internet Cafes, Internet capable cellphones, and DSL, Cable, and dialup ISPs. All of these IP addresses or CIDR blocks are listed here because spammers have been using them to host "spamvertized" websites, to send spam email messages, or to leave spam comments on blogs, or subverting website access logs with referrer spam messages.

The .htaccess file begins with a period, which makes it appear to have no prefix to Windows users. However, to a Unix based web server any file that begins with a period is considered a hidden system file. If you manage your website by using an FTP Client (program) to upload files it may require you to enter a special code, or check a box that allows hidden server files to be displayed. For example, WS_FTP (a very popular FTP Client) has a place to add the code -al (that is a lowercase L) in the startup configuration of sites that are added to the Site list. This code tells the server to display hidden files like .htaccess. If you are using WS_FTP open the Site Manager, create a website connection, or select an existing one (left click once), click the Edit button to open the Site Options, then click on the Startup link in Site Options. Find the input field named "Remote file mask" and type -al in it, then click OK to save the change. Now, when you log onto the website you will be able to view, edit, upload or download normally hidden files like .htaccess.

If you do not use an FTP Client to upload files, but are using a web-based control panel, it is entirely up to your web host as to whether or not you can view, alter, or upload .htaccess files.

Important Notice! Be careful when creating, editing, or pasting codes into a .htaccess file, because if you type an invalid term, directive, or character, or add an unescaped space in a regular expression, you may cause a Server 500 error to occur, locking everybody out of the website, except via FTP access (with login credentials).

The .htaccess file below, containing the Chinese/Korean Blocklist, has been tested and causes no errors on most Apache installations, but use it at your own risk. It is always a good idea to upload a new .htaccess file to a test directory and try to access a file in it from your browser. If you are not blocked from viewing the test file your .htaccess is probably good to go.

The rest of this page revolves around using the Apache module mod_authz_host to block unwanted traffic from most of China and Korea. If your website is used to do business with people in these countries using this list will not be a good idea. If you don't know if a custom .htaccess file, or the use of mod_authz_host is allowed/supported on your web server, ask the hosting company's support department (send an example of the code from here).

Add (copy and paste) this list to your existing .htaccess file on your Apache server, or copy all the content between the horizontal lines into a new text file, in Notepad (or equivilant), save as a plain .txt file, then rename it .htaccess, and upload it in ASCII mode to your web server, to the root directory where your publicly viewable html files reside (not above the public web root, nor in a sub-directory). This directory may be called /web or /public_html, etc.

We can create custom blocklists for Apache based websites, based on your particular needs, at reasonable hourly rates. If you want to hire us to create a custom blocklist, or install this .htaccess blocklist on your server for you, contact us through our Webmaster Services contact form.

And now, a word from one of our sponsors:

Lines beginning with the # sign are comments, and are not interpreted by the server. Comments (#) can be used to temporarily add or remove an IP address/block from the list.

Any IP address falling within a CIDR range covered by this list will be denied all access to your Apache server, except for the 403 - Access Forbidden - message.

Everything between the horizontal lines is .htaccess directives, comments (#) and IP deny lists. This list will be updated whenever a new ISP or server farm is traced to spammers in any of these countries, or an IP range is removed after further research (to protect the innocent). The last directive forbids web visitors from viewing your .htaccess file online, as a security measure.

Caution: Use this list at your own risk! If you misspell a directive, or add a space where there shouldn't be one, or remove the spaces between IP ranges, you may cause a Server 500 lockout error (stay logged into your FTP program just in case). Wizcrafts will not be responsible for any problems that may arise from the use of this blocklist.
My cat, pleading for contributions to help finance my blocklist research
If you find these blocklists useful, please Donate to Wizcrafts. Contributions from people like you, who benefit from these blocklists, will enable this work to continue. We really can use your kind donations, in any amount!
Please Donate via PayPal

This blocklist was last updated on Thursday, 17-Apr-2014 09:57:31 MDT

Monitor this page for changes

It's private by ChangeDetection

<Files *>
order deny,allow

# Cambodia (KH)
deny from

# Chinese (CN) IP addresses follow:
deny from

# Hong Kong (HK)
deny from

# India (IN), Bangladesh (BD) and Pakistan (PK)
deny from

# Indonesia (ID)
deny from

# Japan (JP) (hacking, scraping, or spamming)
deny from

# Korea (KR) IP addresses follow:
deny from

# Yahoo-Korea (provides free email services used by some spammers)
deny from

# Neighboring Asian countries:

# Malaysia (MY)
deny from

# Philippines (PH)
deny from

# Singapore (SG)
deny from

# Taiwan (TW)
deny from

# Thailand (TH)
deny from

# Vietnam (VN)
deny from

# End Chinese-Korean blocklist

# Add other blocked domain names or IP addresses here, starting with "deny from " without quotes

# If you find that you need to poke a hole in the blocklist, for legitimate visitors, follow this example: allow from 123.456.789.0

# Add "allow from" IP addresses, or CIDR Ranges, after all of the "deny from" items, just before the closing Files tag.

# Everything not included within these deny from ranges is PERMITTED by the allow portion of the directive.


# This prevents web browsers or spiders from seeing your .htaccess directives:

<Files .htaccess>
deny from all

# End of file
If you find these blocklists useful, please Donate to Wizcrafts. Contributions from people like you, who benefit from these blocklists, will enable this work to continue.
Donate via PayPal

Anti-Spam email filtering solutions for companies and end-users

SpamArrest stops 100% of email spam

Mailwasher Pro

If you are tired of receiving spam, viruses and Phishing schemes in your personal computer's email inbox, why not give Mailwasher Pro a try? Mailwasher Pro is a program that intercepts and analyzes incoming email before it is delivered to your Eudora, IncrediMail, Outlook (Express), Thunderbird, or equivilant email client's inbox. Mailwasher uses a combination of Bayesian Learning Filters, a user controlled Whitelist and Blacklist, user created filters and rules, including regular expressions rules, DNS Blocklists like the Spamcop SBL, and the FirstAlert! Database of known spam as identified and reported by other Mailwasher Pro users around the World, to identify and deal with spam, scams, schemes and viruses. More details about MailWasher Pro.

This blocklist is compiled and maintained by Wizcrafts Computer Services. Use it at your own risk.
No warranties are implied or stated and we are not liable for any problems that may arise from it's use.
We provide Webmaster and website security consulting services on a freelance paid basis.
This page was last updated on: Thursday, 17-Apr-2014 09:57:31 MDT
If you wish to contribute new IP addresses to this list, or hire us install a custom .htaccess file for you, please contact us via our Webmaster inquiries form.