I'm on a shared host without access to server logs. So, I wrote some PHP to log all accesses to my 404 error page. One disturbing thing that I noticed is a couple of visitors apparently accessing my site using FrontPage. I assume that they were scraping pages. I want to block them from now on.

I've seen a couple of user agents:
MSFrontPage/5.0 and MSFrontPage/12.0

They are requesting files that start with /_vti_ (e.g., /_vti_bin/shtml.exe/_vti_rpc). From searching this forum, I think that FrontPage looks for those files automatically so I also want to block anything that makes a request that contains /_vti_.

Here is the code that I used and seems to work, at least for blocking /_vti_ (I can't test for the user-agent):

RewriteCond %{HTTP_USER_AGENT} MS.?Frontpage [NC,OR]
RewriteCond %{REQUEST_URI} /_VTI_ [NC]
RewriteRule .* - [F]

I think that the first condition will block any user agent string that contains "MS(anything)Frontpage." Is that correct?

Now, each of these "scrapers" got a 404 using the above user-agent, but then came back immediately using a user-agent of something like this (exactly this in one case):

Mozilla/2.0 (compatible; MS FrontPage 5.0)

They are all like that, except that the version numbers may differ. So, the final question is am I possibly blocking innocent users that just happen to have some version of FrontPage installed on their PC (not surfing with it), or am I safe on that score?

I realize that they may still come back with a regular browser and do a copy and paste, so I'll probably block any IP that gets caught doing this.

Thanks,

Tim