[NCLUG] Apache Config - deny from certain User Agent?

Chad Perrin perrin at apotheon.com
Tue Oct 31 16:32:42 MST 2006


On Tue, Oct 31, 2006 at 03:35:21PM -0700, Stephen Warren wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> 
> Rich Young wrote:
> > I've been having some trouble with a certain bot attempting to comment
> > spam blogs on our web server, which my aging server handles very poorly
> > - the result is similar to a DoS attack.  Unfortunately, the traffic is
> > not coming from any single IP range, but it does seem to all be
> > self-identifying as a specific user agent (WebaltBot).  Does anyone know
> > if it's possible to create a directive in the Apache 2.0 conf file that
> > simply rejects traffic from this user agent?  I've looked at
> > BrowserMatch, but it's intended only to set environment variables.
> 
> Set an env. var using BrowserMatch, then do this to block them:
> 
> LoadModule rewrite_module modules/mod_rewrite.so
> RewriteEngine On
> RewriteCond %{ENV:is_bad_robot}=1
> RewriteRule ^.*$ - [F]

. . . or use an iptables rule to drop all incoming packets that
self-identify in that manner.

-- 
CCD CopyWrite Chad Perrin [ http://ccd.apotheon.org ]
unix virus: If you're using a unixlike OS, please forward
this to 20 others and erase your system partition.



More information about the NCLUG mailing list