Welcome to WebmasterWorld Guest from 54.221.75.68
Forum Moderators: Ocean10000 & phranque
Message Too Old, No Replies
WARNING: Improper [NC] Usage Allows Bad Fake Bots to Crawl Sites
System Operator from US
joined:Jan 25, 2005
posts:14664
votes: 99
Just thought I'd post it as a thread of it's own as it deserves attention.
Depending on whether you're validating a bot or blocking bad bots determines whether or not you should use "[NC]" to ignore the case.
For instance, when trying to validate Googlebot, the syntax "Googlebot [NC]" will also allow the bad fakes spoofing with "googlebot". In this case you would not want the "[NC]" used nor with any other major search engine or service being allowed to crawl.
When blocking bots and looking for any variation of a bad bot name is when you would use the case insensitive matching "[NC]" option to make sure you catch all variants. Using "Bad Bot [NC]" will match "bad bot", "BAD BOT", "BaD BoT" or any other mixed case combination.
Just an FYI to make sure you're using "[NC]" in the right places for the right reasons and don't inadvertently let the bad guys in the door with such a simple mistake.
Senior Member
joined:July 3, 2002
posts:18903
votes: 0
Good tip.
Administrator
joined:Aug 10, 2004
posts:11453
votes: 173
unmentioned but assumed in the context of bots, incrediBILL is referring to the use of the mod_rewrite RewriteCond directive and HTTP_USER_AGENT as the TestString:
http://httpd.apache.org/docs/current/mod/mod_rewrite.html#rewritecond
an example of blocking usage would be:
RewriteEngine on
RewriteCond %{HTTP_USER_AGENT} badbot [NC]
RewriteRule .* - [F]
Senior Member from US
joined:Apr 9, 2011
posts:15256
votes: 691
Same goes for mod_setenvif: SetEnvIf(NoCase) and the common shorthand BrowserMatch(NoCase). If the correctly cased form is good, the incorrect form is probably an unwanted spoofer. But if the correctly cased form is already bad, the incorrect form may be even worse.
Watch out for UA's that legitimately contain two forms, as in "PrettyBot {blahblah} +http:// www.prettybot.com/crawlers"
Join The Conversation
- Register For Free! - Become a Pro Member!
- See forum categories - Enter the Forum
Moderators and Top Contributors
- Moderator List | Top Contributors:This Week, This Month, Oct, Sept, Archive, Top 100 All Time, Top Voted Members
Hot Threads This Week
- Google Updates and SERP Changes - November 2018
- November 2018 AdSense Earnings & Observations
- Is Google's Algorithm Stretching the Meaning of "Synonym"?
- Sir Tim Berners-Lee, Web's Inventor, Disappointed with the current state of the Web
- Google Updates and SERP Changes - October 2018
- Microsoft Resumes Roll-out of Windows 10 Oct Update V1809
- IBM to Acquire Red Hat for $33.4 Billion
- Question about CTR, rankings, and anti-SEO algorithms
- Google Lifts Restrictions Over Android Pre-Installed Services
- Mozilla Experiments With a VPN Via Firefox
Featured Threads
- Microsoft Resumes Roll-out of Windows 10 Oct Update V1809
- Sir Tim Berners-Lee, Web's Inventor, Disappointed with the current state of the Web
- Is Google's Algorithm Stretching the Meaning of "Synonym"?
- Google Updates and SERP Changes - November 2018
- Google Introduces reCAPTCHA V3 With Scoring Instead of a Challenge
- IBM to Acquire Red Hat for $33.4 Billion
- Microsoft Completes $7.5 Billion Acquisition of GitHub
- Mozilla Experiments With a VPN Via Firefox
- Google Lifts Restrictions Over Android Pre-Installed Services
- Chrome 70 Released for for Windows, Mac, and Linux