[NCLUG] Apache Config - deny from certain User Agent?
Chad Perrin
perrin at apotheon.com
Tue Oct 31 16:32:42 MST 2006
On Tue, Oct 31, 2006 at 03:35:21PM -0700, Stephen Warren wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Rich Young wrote:
> > I've been having some trouble with a certain bot attempting to comment
> > spam blogs on our web server, which my aging server handles very poorly
> > - the result is similar to a DoS attack. Unfortunately, the traffic is
> > not coming from any single IP range, but it does seem to all be
> > self-identifying as a specific user agent (WebaltBot). Does anyone know
> > if it's possible to create a directive in the Apache 2.0 conf file that
> > simply rejects traffic from this user agent? I've looked at
> > BrowserMatch, but it's intended only to set environment variables.
>
> Set an env. var using BrowserMatch, then do this to block them:
>
> LoadModule rewrite_module modules/mod_rewrite.so
> RewriteEngine On
> RewriteCond %{ENV:is_bad_robot}=1
> RewriteRule ^.*$ - [F]
. . . or use an iptables rule to drop all incoming packets that
self-identify in that manner.
--
CCD CopyWrite Chad Perrin [ http://ccd.apotheon.org ]
unix virus: If you're using a unixlike OS, please forward
this to 20 others and erase your system partition.
More information about the NCLUG
mailing list