Banning by User-Agent

Forum Moderators: phranque

Message Too Old, No Replies

Banning by User-Agent

macavity

1:45 am on Jan 31, 2011 (gmt 0)

I have a number of existing entries in my .htaccess file such as:

<FilesMatch "\.(inc|tpl|h|ihtml|sql|ini|conf|bin|spd|theme|module)$">
deny from all
</FilesMatch>

but I now need to ban the use of an automated SQL injection tool which (handily) seems to identify itself in the User-Agent request header. My question is, can I simply add the following to my .htaccess file:

SetEnvIfNoCase User-Agent "Tool name here" bad_bot

<Files *>
Deny from env=bad_bot
</Files>

Does the above syntax look correct? Can I safely add <Files *></Files> to a htaccess file which already contains <FilesMatch></FilesMatch> without confusing things? (I'm guessing yes but want to be sure)

mrtonyg

1:33 pm on Jan 31, 2011 (gmt 0)

Why not use the user-agent deny with mod_rewrite like so:

RewriteCond %{HTTP_USER_AGENT} goof|Extractor|GrabNet|InterGET [NC]
RewriteRule .* - [F]

macavity

1:46 pm on Jan 31, 2011 (gmt 0)

Thanks mrtonyg, although to be honest I don't have the knowledge/experience to know which method is better. Very happy to hear further thoughts/comments!

wilderness

2:24 pm on Jan 31, 2011 (gmt 0)

Close to perfect a basic tutorial [webmasterworld.com]

Please note; many of the participants in this very old thread were actually making inquires and using badly formatted syntax.
Most of the UA's were even invalid at the time, forget about using most of them today

jdMorgan

3:41 am on Feb 1, 2011 (gmt 0)

Usually the best and fastest approach to finding out if something will work is to test it...

However, the answer to the initially-posted question is "Yes, that SetEnvIfNoCase construct should work."

Jim

macavity

10:40 am on Feb 1, 2011 (gmt 0)

Thanks both, appreciate the replies.

PS Jim - could you check your inbox(es) for a couple of mails from me recently? Not sure if they made it through.