andreasfriedrich - 2:02 pm on Sep 26, 2002 (gmt 0)

what alternative is there if my server doesn't have mod_rewrite installed?

You could use mod_access and mod_setenvif which are compiled and loaded into the server by default. They should be available unless you or your hosting company removed them.

Deny [httpd.apache.org] is used to restrict access to the server based on hostname, IP address, or environment variables. Hostname and IP won´t work, so we need a way to set environment variables depending on the User-Agent. SetEnvIf [httpd.apache.org] allows us to do just that. Preferrably we would like the matching to be case insensitive. Luckily the Apache developers provided a method to do just that SetEnvIfNoCase [httpd.apache.org].

Now we need to put those pieces together.

SetEnvIfNoCase User-Agent EmailSiphon AC_FORBIDDEN SetEnvIfNoCase User-Agent EmailWolf AC_FORBIDDEN SetEnvIfNoCase User-Agent Crescent AC_FORBIDDEN SetEnvIfNoCase User-Agent LinkWalker AC_FORBIDDEN SetEnvIfNoCase User-Agent EmailCollector AC_FORBIDDEN Order Allow,Deny Allow from all Deny from env=AC_FORBIDDEN

As with the regular expression in the RewriteCond directive you could just use one SetEnvIfNoCase [httpd.apache.org] like this:

SetEnvIfNoCase User-Agent EmailSiphon¦EmailWolf¦Crescent¦LinkWalker¦EmailCollector AC_FORBIDDEN Order Allow,Deny Allow from all Deny from env=AC_FORBIDDEN

where everything from SetEnvIfNoCase to AC_FORBIDDEN would need to be in a single line.

Andreas