broadKnowledge,

Welcome to WebmasterWorld [webmasterworld.com]!

I've used mod_rewrite in .htaccess under Apache to do this.

You do have to be careful to keep an eye out for new user-agents, though... Otherwise, you may block new browsers and new robots. It's a work in progress, but using this technique reduced the access-control code to about 25% of its previous size.

Jim

Thank You, Jim,, sometimes the only (obvious path) can be the last thing that comes to mind.

Stupid question but.. what traffic are you getting other than "browsers and robots"?

Personally I'd steer clear of doing this.

There are literally hundreds of browsers out there, most of which you will never have heard of. Can't see how you'll manage to keep track of all of them - so you'll end up banning some perfectly good users/customers.

What is it your trying to achieve?

Yaah!.. and I'll take that with a side order of 'aggressively needy'. Sometimes it's very easy to identify those who use post-sites and a channel to vent their personal frustrations. Anyway since this site has helped me in many ways, I'll stick to the topic, and of course respond to your misguided statements. First! The goal is to restrict the server to respond only to http-request and serve only html pages. The response written by Jim seems to be the best method I've heard so far. Next, 'in response to your statement '"there are hundreds of browsers out there", can someone name me 10 web browsers (not music or wireless) other than IE, Netscape, Mozella, Opera, Lynx and Bobcat. And! Lastly, what I have been trying to do is solve a security problem, (i.e. blocking all non-http request from individuals who use the web as a channel to vent their personal frustration). One more thing can you please provide me with your IP address or personal domain so that I my demonstrate the numerous non-http request that it will accommodate, One could send your domain an endless stream of non-http request and turn your log file into the library of congress in a few hours.

Oh! bye the way, we are talking about 'HTTP WEB BROWSERS' and how to make the server respond only to HTTP request and robots listed with W3C.

You could look at something like this:

[acme.com...]

But what you are asking is how to prevent requests to the server (concerns about error log), no way...you can't stop requests.

Sweeeeet,

No matter how smart an intruder is, he/she cannot break into or utilize a function that is not present.

Maybe I am missing something, but are you not talking about something that can be implemented within a firewall?

We've tried some of the best firewalls known, netscreen, Norton IS enterprise, tinysoftware and others, the bastards still get in. You may be supprised what can be done with a simple lynx text browser and a proxy IP that is never monitored. What is happening is not so much to steal data, its the game of proving that he can get in.

Surely you only allow traffic through on port 80 (and maybe port 443 if you are running a secure server). Most firewalls (software or hardware) should filter out ip masquerading/spoofing, but if you close off all but the used ports that should stop most people. Obviously people can still request stuff on port 80 and IIS has had more than it's fair share of problems (Apache isn't squeaky clean either).

I'll take that with a side order of 'aggressively needy'. Sometimes it's very easy to identify those who use post-sites and a channel to vent their personal frustrations.

Hey chill out.. I said I might be asking a "stupid question". No need to bust a vein, flame me or threaten my own sites. :( I was trying to be helpful, sorry if that makes me "aggressively needy". Venting personal frustrations? Eh? Thats what porn is for surely? ;)

So anyway... what kind of non-HTTP traffic are you getting? Are we talking about traffic on other ports (ping, finger etc), SYN attacks on port 80, or just bad requests and garbage being sent over HTTP?

As Netizen says, I think the first two can be handled by a firewall, but the last one might be more difficult.

can someone name me 10 web browsers (not music or wireless) other than IE, Netscape, Mozella, Opera, Lynx and Bobcat.

Certainly.. you'll find about 100 listed right here.
[browsers.evolt.org...]

I think that there are 2 responces to my original post that will lead me to some real solutions.

OTHER DOODLE:
Ok, there area few browsers that I am so glad I never heard of and even happier that anyone who uses them are not visiting the sites I manage. I am sure that if I search the web for 2 - 3 hours I could find a hundred versions of horseradish peanut butter. anyway 'hope you'r laughing' no flame coming from this end..