I'm receiving an enormous amount of unwanted traffic on my web server from Russia. It appears to be mostly referrer spam, with the occasional failed SQL injection attempt. Since I'm a small local business in east Tennessee, there's no legitimate reason for anyone to access my website from Russia.
I'm wanting to just block the entire country. So I'm trying to do that using the .htaccess file. I used this free service to get the IP addresses: http://www.ip2location.com/blockvisitorsbycountry.aspx
But it's not working. According to Google Analytics, I'm still getting thousands of pageviews a day from Russia.
Here's the current contents of my .htaccess file:
AddHandler php-stable .php
<Limit GET HEAD POST>
order allow,deny
allow from all
deny from 2.16.159.0/24
deny from 2.16.160.0/23
deny from 2.16.168.0/24
deny from 2.60.0.0/14
deny from 2.92.0.0/14
[removed a whole bunch of IP addresses here for brevity]
deny from 217.199.224.0/20
deny from 219.3.97.0/24
</Limit>
Anyone have any ideas of what I might be doing wrong?