It is not possible to use wildcards (such as * or 1.157.*) when specifying allowed IP addresses directly in the Plesk Firewall graphical interface for Linux. The Plesk Firewall expects explicit IP addresses or subnet masks in CIDR notation (like 1.157.0.0/16) for allowing ranges.
If you want to allow a range of addresses, use the appropriate subnet notation (e.g., 1.157.0.0/16 for all 1.157.x.x addresses), not a wildcard. The only exception is when using the underlying Linux firewall (like iptables) via the command line, where you can specify ranges or CIDR blocks, but still not wildcards as such—just proper network ranges.
In summary: wildcards like * are not supported, but subnet or range notation is.
using 1.157.0.0/16 will include 1.157.167.11. The CIDR /16 covers all IP addresses from 1.157.0.0 to 1.157.255.255, so 1.157.167.11 is within that range.
To allow all addresses starting with 136 (that is, 136...*), use the subnet 136.0.0.0/8. This covers every possible IP in the 136.x.x.x range, including 136.54.87.206.
In CIDR notation, 136.0.0.0/8 is equivalent to the subnet mask 255.0.0.0. This will match any IP where the first octet is 136, regardless of the other octets
CIDR and subnet masks can only be used to define contiguous blocks of IP addresses that align on binary boundaries—not arbitrary ranges like “from 136.1.. to 136.99..“. This means a single CIDR or subnet mask cannot exactly express only 136.1.0.0 to 136.99.255.255.
To cover this range, you would need to use multiple subnets:
- The /16 subnets: 136.1.0.0/16, 136.2.0.0/16, …, up to 136.99.0.0/16
- Or aggregate where possible using larger blocks, but only where binary alignment allows.
A single network block like 136.0.0.0/8 would include all 136.x.x.x addresses, not just 136.1 to 136.99. Finer control requires listing multiple subnets.