CIDR and ASN are only available in the premium WP+ Edition (there’s also an option to whitelist Jetpack and some payment gateways like Paypal etc).
In the free WP Edition, you need to use the .htninja script.
Thanks for the response. I have already created the .htninja file and the following code as well. Do you think this enough? Is there any way I can whitelist ASN via the .ninja file?
// Allow JetPack CIDR (IPv4 **only**):
$cidr_array = array('192.0.64.0/18');
// Loop through the array:
foreach ( $cidr_array as $cidr ) {
// Check IP vs CIDR:
if ( ipCIDRCheck( $_SERVER['REMOTE_ADDR'], $cidr ) ) {
// IP matches, allow it:
return 'ALLOW';
}
}
function ipCIDRCheck( $IP, $CIDR ) {
list ( $subnet, $bits ) = explode( '/', $CIDR );
$ip = ip2long( $IP );
$subnet = ip2long( $subnet );
$mask = -1 << ( 32 - $bits );
$subnet &= $mask;
return ( $ip & $mask ) == $subnet;
}
That should work.
You can’t use the .htninja to check AS numbers, because you’d need a database. In the WP+ Edition, we are using two ASN databases, one for IPv4 and one for IPv6.
Thank you so much. I am happy with ninja firewall.
