Block Nigerian Scammers From Apache Based Servers or Forums with a .htaccess Blocklist

The IP addresses and CIDR ranges in this blocklist deny Apache based server access to most of Nigeria and it's neighboring countries, where most "419 Advance Fee Fraud" email scams and International Lottery scams originate.

Includes some satellite ISPs in other countries who lease IP addresses to Nigerian scammers and fraudsters

Compiled by Wizcrafts Computer Services (see website links in footer)

We publish additional .htaccess blocklists to block spammers, scammers, hackers and exploited servers.

See our other .htaccess blocklists: Exploited Servers Blocklist | Chinese/Korean Blocklist | Russian Blocklist | South American Blocklist

These IP blocklists are also available in iptables format, for use in Linux based firewalls.

SpamArrest stops 100% of email spam

If you are just trying to block scams and spam from your email inbox, read this section.

Apache web servers use a special access control file named .htaccess, which uses a combination of directives to allow or deny access to files or folders on the server. The .htaccess file is also used to create custom redirect rules for files, folders and entire websites that have been moved, deleted, or are temporarily or permanently gone. The proper location for your .htaccess file is in the web root. This is typically a directory named public_html, or web, depending on your hosting company.

If you are running an Apache Server based website or forum that is plagued by Nigerian scammers (dating scams, advance fee fraud, counterfeit check over payment scams), or other African fraudsters, adding this DENY FROM list to your .htaccess file, in the web-root of your server, will block access to anybody who gets their Internet connectivity from an ISP covered by this list. This includes New Skies Satellite Services, Internet Cafes, DSL, Cable, and dialup ISPs. Some IP blocks are leased from other ISPs in Europe and the USA, but all end up reassigned to Nigeria, or it's neighbors. All of these IP addresses or CIDR blocks are listed here because scammers have been using them to run financial fraud schemes (419 and associated financial scams) against people around the world who sell items on auction websites and traders' forums.

The .htaccess file begins with a period, which makes it appear to have no prefix to Windows users. However, to a Unix based web server any file that begins with a period is considered a hidden system file. If you manage your website by using an FTP Client (program) to upload files it may require you to enter a special code, or check a box that allows hidden server files to be displayed. For example, WS_FTP (a very popular FTP Client) has a place to add the code -al (that is a lowercase L) in the startup configuration of sites that are added to the Site list. This code tells the server to display hidden files like .htaccess. If you are using WS_FTP open the Site Manager, create a website connection, or select an existing one (left click once), click the Edit button to open the Site Options, then click on the Startup link in Site Options. Find the input field named "Remote file mask" and type -al in it, then click OK to save the change. Now, when you log onto the website you will be able to view, edit, upload or download normally hidden files like .htaccess.

If you do not use an FTP Client to upload files, but are using a web-based control panel, it is entirely up to your web host as to whether or not you can view, alter, or upload .htaccess files.

Important Notice! Be careful when creating, editing, or pasting codes into a .htaccess file, because if you type an invalid term, directive, or character, or add an unescaped space in a regular expression, you may cause a Server 500 error to occur, locking everybody out of the website, except via FTP access (with login credentials).

The .htaccess file below, containing the Nigerian Blocklist, has been tested and causes no errors on most Apache installations, but use it at your own risk. It is always a good idea to upload a new .htaccess file to a test directory and try to access a file in it from your browser. If you are not blocked from viewing the test file your .htaccess is probably good to go.

The rest of this page revolves around using the Apache module mod_authz_host to block unwanted visitors from entire countries in Africa. If you don't know if a custom .htaccess file, or the use of mod_authz_host is allowed/supported on your web server, ask the hosting company's support department (send an example of the code from here).

Add (copy and paste) this list to your existing .htaccess file on your Apache server, or copy all the content between the horizontal lines into a new text file, in Notepad (or equivilant), save as a plain .txt file, then rename it .htaccess, and upload it in ASCII mode to your web server, to the root directory where your publicly viewable html files reside (not above the public web root, nor in a sub-directory). This directory may be called /web or /public_html, etc.

We can create custom blocklists for Apache based websites, based on your particular needs, at reasonable hourly rates. If you want to hire us to create a custom blocklist, or install this .htaccess blocklist on your server for you, contact us through our Webmaster Services contact form.

And now, a word from one of our sponsors:

Lines beginning with the # sign are comments, and are not interpreted by the server. Comments (#) can be used to temporarily add or remove an IP address/block from the list.

Any IP address falling within a CIDR range covered by this list will be denied all access to your Apache server, except for the 403 - Access Forbidden - message.

Everything between the horizontal lines is .htaccess directives, comments (#) and IP deny lists. This list will be updated whenever a new ISP is traced to scammers in any of these countries, or an IP range is removed after further research (to protect the innocent). The last directive forbids web visitors from viewing your .htaccess file online, as a security measure.

Caution: Use this list at your own risk! There is a strong possibility of blocking innocent people who live in or near these regions, and also people who use ISPs that lease some of their IP space to Nigerians. If you misspell a directive, or add a space where there shouldn't be one, or remove the spaces between IP ranges, you may cause a Server 500 lockout error (stay logged into your FTP program just in case). Wizcrafts will not be responsible for any problems that may arise from the use of this blocklist.
My cat, pleading for contributions to help finance my blocklist research
If you find these blocklists useful, please Donate to Wizcrafts. Contributions from people like you, who benefit from these blocklists, will enable this work to continue. We really can use your kind donations, in any amount!
Please Donate via PayPal

This blocklist was last updated on Friday, 28-Mar-2014 09:33:58 MDT

Monitor this page for changes

It's private by ChangeDetection


<Files *>
order deny,allow

# Nigerian (NG) and African 419 Scammers IP addresses follow:
deny from 12.166.96.32/27 41.58.0.0/16 41.66.192.0/18 41.71.128.0/17 41.85.160.0/19 41.93.128.0/17 41.136.0.0/16 41.138.88.0/22 41.138.160.0/19 41.139.64.0/18 41.155.0.0/17 41.184.0.0/16 41.189.0.0/19 41.189.32.0/19 41.190.0.0/19 41.190.88.0/22 41.191.84.0/22 41.191.108.0/22 41.194.52.0/22 41.202.0.0/17 41.202.128.0/19 41.202.192.0/19 41.203.64.0/18 41.203.208.0/21 41.203.224.0/20 41.204.0.0/17 41.204.128.0/18 41.204.224.0/19 41.205.0.0/19 41.205.64.0/19 41.205.160.0/19 41.206.0.0/18 41.206.64.0/19 41.207.0.0/19 41.207.160.0/19 41.207.192.0/19 41.208.48.0/23 41.208.128.0/18 41.210.0.0/18 41.210.192.0/18 41.211.0.0/19 41.211.192.0/18 41.212.128.0/17 41.214.0.0/17 41.215.160.0/20 41.216.32.0/19 41.217.0.0/17 41.218.192.0/18 41.219.128.0/17 41.220.0.0/16 41.221.80.0/20 41.221.160.0/20 41.222.0.0/21 41.222.24.0/21 41.222.40.0/21 41.222.64.0/21 41.222.192.0/22 41.223.24.0/22 41.223.64.0/22 41.223.248.0/22 61.11.230.112/29 62.24.96.0/19 62.56.128.0/17 62.56.235.0/24 62.56.236.0/24 62.56.244.0/22 62.56.248.0/24 62.128.160.0/20 62.173.32.0/19 62.192.128.0/19 62.192.140.250 62.193.160.0/19 63.70.178.0/24 63.73.58.0/24 63.100.193.0/24 63.103.138.0/24 63.103.139.64/26 63.103.140.0/22 63.109.245.168/29 63.109.247.0/24 63.109.248.128/25 63.122.154.0/24 64.14.48.128/26 64.86.155.0/24 64.86.210.0/23 64.110.30.0/24 64.110.31.0/24 64.110.64.16/28 64.110.76.0/23 64.110.81.0/24 64.110.93.16/28 64.110.93.176/28 64.110.147.0/24 64.201.33.0/24 65.209.91.0/24 65.209.92.0/24 66.18.64.0/19 66.110.31.0/24 66.178.0.0/17 66.199.241.82 66.205.20.0/24
deny from 77.70.128.0/24 77.70.129.0/26 77.70.137.0/25 77.70.138.0/23 77.73.184.0/21 77.220.0.0/20 78.138.2.0/24 78.138.3.0/25 78.138.3.128/26 78.138.3.192/27 78.138.3.224/28 78.138.8.8/29 78.138.32.32/27 78.138.33.144/29 80.78.16.168/29 80.78.16.176/28 80.78.16.192/28 80.78.17.0/24 80.78.18.88/29 80.78.18.96/27 80.78.18.128/29 80.78.19.16/29 80.78.19.104/29 80.78.19.112/28 80.78.23.16/28 80.87.64.0/19 80.88.128.0/20 80.88.129.0/24 80.88.130.0/24 80.88.131.0/24 80.88.132.0/26 80.88.132.64/27 80.88.132.104/29 80.88.132.128/26 80.88.132.192/27 80.88.132.224/28 80.88.132.240/29 80.88.133.0/25 80.88.134.0/26 80.88.134.64/29 80.88.135.0/24 80.88.136.0/24 80.88.137.0/24 80.88.138.0/25 80.88.138.128/26 80.88.138.192/27 80.88.139.0/25 80.88.139.128/26 80.88.139.192/27 80.88.139.224/28 80.88.140.0/24 80.88.141.0/25 80.88.141.128/27 80.88.142.0/24 80.88.143.128/29 80.88.144.0/23 80.88.146.0/24 80.88.147.0/24 80.88.148.0/24 80.88.149.0/25 80.88.149.128/26 80.88.149.192/28 80.88.150.0/24 80.88.151.0/24 80.88.152.0/24 80.88.153.0/24 80.88.154.32/27 80.88.154.72/29 80.88.154.80/29 80.88.154.96/28 80.88.155.0/25 80.88.155.128/27 80.88.155.160/29 80.89.176.0/24
deny from 80.179.102.0/24 80.179.107.64/27 80.179.107.224/29 80.179.128.0/17 80.231.4.0/23 80.240.192.0/20 80.247.136.0/24 80.247.137.0/24 80.247.141.32/27 80.247.141.64/26 80.247.141.128/25 80.247.142.0/24 80.247.147.16/28 80.247.147.32/29 80.247.147.64/27 80.247.147.96/28 80.247.151.0/24 80.247.153.0/24 80.247.156.0/26 80.247.156.128/28 80.247.157.0/24 80.247.159.0/24 80.248.0.0/20 80.248.64.0/20 80.250.32.0/20 80.255.40.48/28 80.255.40.96/29 80.255.40.112/28 80.255.40.128/28 80.255.40.192/28 80.255.40.224/27 80.255.40.240/28 80.255.41.160/28 80.255.43.0/24 80.255.46.0/29 80.255.46.16/28 80.255.46.64/29 80.255.58.160/27 80.255.58.192/26 80.255.59.19 80.255.59.232/29 80.255.59.240/29 80.255.61.0/25 81.18.32.0/20 81.18.40.0/24 81.18.42.0/24 81.23.194.0/27 81.23.194.64/27 81.23.194.128/25 81.23.195.0/24 81.23.196.0/25 81.23.196.128/29 81.23.200.0/21 81.24.0.0/20 81.91.224.0/20 81.199.0.0/16 82.128.0.0/17 82.206.136.0/24 83.137.59.8/29 83.137.61.0/24 83.138.167.40/29 83.143.8.0/22 83.229.0.0/17 84.254.188.3 84.254.128.0/18
deny from 155.239.0.0/16 192.116.64.0/18 192.116.128.0/18 192.116.152.0/21 192.118.71.0/24 193.93.96.0/22 193.95.0.0/17 193.110.2.0/23 193.189.0.0/18 193.189.64.0/23 193.189.128.0/24 193.194.64.0/19 193.219.192.0/18 193.220.0.0/16 193.220.26.0/24 193.220.30.0/26 193.220.30.64/27 193.220.31.0/26 193.220.31.64/27 193.220.45.0/25 193.220.47.0/25 193.220.77.0/26 193.220.187.0/26 193.220.187.128/27 194.200.0.0/14 195.8.22.0/24 195.10.109.192/26 195.24.192.0/19 195.44.168.0/21 195.44.176.0/21 195.137.13.0/24 195.137.14.0/24 195.166.224.0/19 195.214.240.0/21 195.219.176.0/24 195.225.62.0/23 195.245.108.0/23 196.0.0.0/16 196.1.176.0/20 196.3.60.0/22 196.3.180.0/22 196.12.12.0/22 196.20.0.0/19 196.29.96.0/19 196.29.216.0/21 196.29.224.0/20 196.44.96.0/19 196.45.192.0/18 196.46.240.0/21 196.128.0.0/10 196.192.0.0/12 196.208.0.0/14 196.212.0.0/14 196.216.64.0/19 196.220.0.0/19 197.242.96.0/19 197.251.128.0/17 198.54.0.0/16 204.16.124.0/22 204.118.170.0/24 206.82.128.0/20 206.113.97.0/24 208.70.0.0/21 208.78.56.0/21 209.88.163.0/24 209.101.84.0/24 209.159.160.0/20 209.198.240.0/23 209.198.242.16/28 209.198.242.96/29 209.198.242.104/30 209.198.242.108/31 209.198.242.128/27 209.198.246.240/28 212.49.64.0/19 212.52.128.0/19 212.60.64.0/19 212.85.192.0/19 212.96.0.0/19 212.100.64.0/19 212.165.128.0/17 212.165.132.64/27 212.165.135.0/24 212.165.140.16/29 212.165.140.64/26 212.165.140.128/25 212.165.141.0/24 212.165.147.0/26 212.165.147.128/26 212.165.183.0/24 212.199.108.0/24 212.199.251.0/24 212.247.93.0/24
deny from 213.136.96.0/19 213.140.62.0/23 213.150.192.0/23 213.154.64.0/19 213.166.160.0/19 213.181.64.0/19 213.185.96.0/21 213.185.106.0/24 213.185.112.0/24 213.185.113.0/26 213.185.113.64/27 213.185.113.96/27 213.185.118.160/27 213.185.118.192/26 213.185.124.0/24 213.187.135.0/24 213.187.145.0/24 213.211.128.0/18 213.211.188.0/24 213.232.96.0/24 213.255.193.0/24 213.255.194.0/24 213.255.195.0/24 213.255.198.0/24 213.255.199.0/24 216.72.104.0/21 216.74.187.0/24 216.118.252.0/24 216.118.253.0/24 216.118.254.0/24 216.129.147.128/28 216.129.159.0/24 216.133.174.0/24 216.139.160.0/19 216.147.132.144/28 216.147.132.160/28 216.147.134.0/24 216.147.159.0/24 216.185.79.0/24 216.236.200.96/28 216.236.202.96/28 216.236.205.0/24 216.236.222.128/26 216.250.195.0/27 216.250.195.64/26 216.250.221.0/24 216.250.222.0/24 216.252.176.0/24 216.252.177.0/24 216.252.231.0/25 216.252.245.0/24 217.10.163.128/26 217.10.163.192/27 217.10.163.224/27 217.10.166.0/26 217.10.166.64/28 217.10.169.0/24 217.10.170.0/24 217.10.171.0/24 217.10.173.0/26 217.10.182.0/27 217.10.184.0/24 217.14.80.0/20 217.15.124.0/25 217.20.240.0/20 217.20.241.0/25 217.20.241.128/29 217.20.241.136/29 217.20.241.144/28 217.20.241.160/29 217.20.241.168/29 217.20.241.176/29 217.20.241.184/29 217.20.241.192/29 217.20.241.200/29 217.20.241.208/29 217.20.242.0/24 217.20.243.16/28 217.20.243.32/27 217.21.64.0/19 217.21.112.0/20 217.78.64.0/20 217.117.0.0/20 217.146.3.144/28 217.146.3.160/28 217.146.3.176/29 217.146.3.224/27 217.146.4.64/26 217.146.5.0/24 217.146.6.0/25 217.146.6.160/27 217.146.7.0/24 217.146.8.0/25 217.146.9.0/24 217.146.10.128/25 217.146.11.0/25 217.146.12.0/24 217.146.13.0/24 217.146.14.0/25 217.146.15.0/25 217.146.16.0/27 217.146.16.32/29 217.168.112.0/20 217.194.140.0/22 217.194.144.0/20 217.199.144.0/20 217.212.242.0/23

### Removed 65.120.56.0/21 pending review

# South African ISPs (ZA) (Cape Town, Johannesburg, Pretoria, etc, .za domains), used by Nigerian 419 and lottery scammers
deny from 41.0.0.0/16 41.14.0.0/16 41.17.0.0/16 41.18.0.0/15 41.26.0.0/15 41.28.0.0/15 41.30.0.0/15 41.54.0.0/15 41.56.0.0/16 41.112.0.0/12 41.132.0.0/14 41.146.0.0/16 41.160.0.0/12 41.213.0.0/17 41.240.0.0/16 41.241.0.0/16 41.242.0.0/16 41.243.0.0/16 41.244.0.0/16 41.245.0.0/16 41.246.0.0/16 105.224.0.0/14 165.143.0.0/16 165.144.0.0/14 165.148.0.0/15 196.2.112.0/21 196.7.128.0/19 196.34.0.0/15 196.36.0.0/14 196.210.0.0/16 196.215.0.0/16 197.168.0.0/14

# Algeria (DZ)
deny from 41.97.0.0/16 41.200.0.0/15

# Mauritius (MU)
deny from 197.224.0.0/14

# Morocco (MA)
deny from 41.140.0.0/14 41.248.0.0/14

# Tanzania (TZ)
deny from 196.43.64.0/19

# Added Goldenlines.net.il (Israel) because of Open Proxies used by Nigerian scammers
deny from 80.179.244.0/24

# Amsterdam, The Netherlands (NL) - DSL-NAT Customers and web hosting clients - Lottery and 419 scammers
deny from 62.59.36.0/22 62.59.40.0/21 62.59.48.0/22 62.140.128.0/20 79.170.90.0/24 82.93.0.0/16 82.168.0.0/14 85.92.141.0 87.249.104.0/23 194.60.207.0/24 213.75.0.0/16

# Freenet in Germany (DE) (freenet.de); Used as spam relay by many Nigerian scammers, in March, 2008.
# Choose one of the following CIDRs:

# Narrow freenet.de CIDR, used by recent scammers:
deny from 195.4.92.0/23

# Full Freenet.de CIDR:
deny from 195.4.0.0/16

# ISPs in Spain (ES), France (FR) and Italy (IT), used by many expatriot Nigerian lottery and 419 scammers (Cableuropa, Ibercom, Ono.com, Telefonica)
deny from 62.42.0.0/16 77.211.0.0/16 79.174.192.0/18 80.12.242.0/24 80.24.0.0/16 80.25.0.0/16 80.36.0.0/14 81.34.0.0/16 81.45.0.0/16 81.51.0.0/16 81.202.0.0/15 81.208.0.0/18 82.63.128.0/18 82.90.0.0/15 82.194.64.0/19 82.196.0.0/19 83.54.0.0/16 84.120.0.0/13 85.39.0.0/16 85.91.64.0/19 85.235.128.0/19 88.0.0.0/11 88.202.124.0/27 89.141.0.0/17 90.43.172.0/24 90.160.0.0/12 91.142.208.0/20 93.32.0.0/11 147.83.0.0/16 147.96.0.0/16 193.252.22.0/24 195.53.0.0/16 195.55.0.0/16 212.121.224.0/19 213.4.0.0/16 213.60.0.0/16 213.194.128.0/18 213.194.144.0/20 213.244.0.0/20 217.108.0.0/16

# Costa Rica (CR) exceptions:
allow from 196.40.0.0/18 196.40.64.0/19

# End Nigerian/African blocklist

# Add other blocked domain names or IP addresses here, starting with "deny from " without quotes

# If you find that you need to poke a hole in the blocklist, for legitimate visitors, follow this example: allow from 123.456.789.0

# Real life example: Some forums have legitimate DSL customers in Mauritius, which is blocked by 196.0.0.0/9, in my blocklist.
# To allow 8192 of these folks in Mauritius into your forums, just add the following directive:

allow from 196.27.64.0/19

# Add "allow from" IP addresses, or CIDR Ranges, after all of the "deny from" items, just before the closing Files tag.

# Everything not included within these deny from ranges is PERMITTED by the allow portion of the directive.

</Files>


# This prevents web browsers or spiders from seeing your .htaccess directives:

<Files .htaccess>
deny from all
</Files>

# End of file
      
If you find these blocklists useful, please Donate to Wizcrafts. Contributions from people like you, who benefit from these blocklists, will enable this work to continue.
Donate via PayPal

Anti-Spam email filtering solutions for companies and end-users

SpamArrest stops 100% of email spam

Mailwasher Pro

If you are tired of receiving spam, viruses and Phishing schemes in your personal computer's email inbox, why not give Mailwasher Pro a try? Mailwasher Pro is a program that intercepts and analyzes incoming email before it is delivered to your Eudora, IncrediMail, Outlook (Express), Thunderbird, or equivilant email client's inbox. Mailwasher uses a combination of Bayesian Learning Filters, a user controlled Whitelist and Blacklist, user created filters and rules, including regular expressions rules, DNS Blocklists like the Spamcop SBL, and the FirstAlert! Database of known spam as identified and reported by other Mailwasher Pro users around the World, to identify and deal with spam, scams, schemes and viruses. More details about MailWasher Pro.



This blocklist is compiled and maintained by Wizcrafts Computer Services. Use it at your own risk.
No warranties are implied or stated and we are not liable for any problems that may arise from it's use.
We provide Webmaster and website security consulting services on a freelance paid basis.
This page was last updated on: Friday, 28-Mar-2014 09:33:58 MDT
If you wish to contribute new IP addresses to this list, or hire us install a custom .htaccess file for you, please contact us via our Webmaster inquiries form.