Cut and paste this file and save as ban_bot.cgi and place in your cgi-bin.
####################### ######################## ######################## ############
#!/usr/local/bin/perl
# Browser Agents Banned
@browser = ("Wget/1.6","Zeus","EmailSiphon"); # List of Banned Agents - Add as many as you like
# Get Browser Agent Info
$get_agent = $ENV{'HTTP_USER_AGENT'}; # Get Browser Agent - Requires SSI
# Check Against Ban List
foreach $ban (@browser) {
if ($get_agent =~ /$ban/) {
$punish = 1;
}
}
if ($punish == 1) { # Banned agent is placed into an infinite loop
while (1) {
$x++;
}
}
else {
print "Content-type: text/html\015\012\015\012\n\n"; # The innocent are set free
}
# End Script
Place <!--#include virtual="/cgi-bin/ban_bot.cgi"--> at the top of each page on your site and that's it!
I've tested this with my best snooping software and it works great. You may freely use and modify this script as you see fit although I would ask that users post any improvements made so that the rest of us can benefit from them.
$date = scalar localtime ( time ); print MAIL "Time: $date \n"; Also had a problem with it displaying the full URL in the e-mail...
Changed:
print MAIL "Document: $ENV{'SERVER_NAME'}$ENV{'DOCUMENT_URI'}\n";to:
print MAIL "Document: $ENV{'SERVER_NAME'}$ENV{'REQUEST_URI'}\n";The following session generated a banned browser agent error:
Host: myipsnipped
Agent: EmailWolf 1.00
Referrer:
Document: www.mydomain.com/myurl/blahblah.php3
Time: Mon Jun 25 12:13:20 2001
------------------------------------------------------
:)
Some servers will use REQUEST_URI instead of DOCUMENT_URI. If one doesn't work, try the other.
I'm working on a new version of this script. Planned features: Ban agents or IP's and punish based on threat, redirect browsers to custom error document, add/remove agents or IP's from a list (instead of modifying/uploading the script each time), ban visitor based on referrer (e.g. [iaea.org...] redirect browsers based on search engine referral, and graph banned usage. I'll make it public once it's complete.
It's nice having a bit of control now, especially when there was no control before. :)
This is called via the standard PHP include.
<?php include ("/server/path/to/block.php3"); ?>
begin block.php3
<?php
$browser = array ("Wget", "EmailSiphon", "WebZIP","MSProxy/2.0","EmailWolf","webbandit","MS FrontPage"); $punish = 0;
while (list ($key, $val) = each ($browser)) {
if (strstr ($HTTP_USER_AGENT, $val)) {
$punish = 1;
}
}
if ($punish) {
// Email the webmaster
$msg .= "The following session generated banned browser agent errors:\n";
$msg .= "Host: $REMOTE_ADDR\n";
$msg .= "Agent: $HTTP_USER_AGENT\n";
$msg .= "Referrer: $HTTP_REFERER\n";
$msg .= "Document: $SERVER_NAME" . $REQUEST_URI . "\n";
mail ("youremail@yourdomain.com", "BANNED BROWSER AGENT ERROR", $msg);
// Print custom page
echo "<HTML>
<head>
<title>Access Denied</title>
</head>
<p>We're sorry. The software you are using to access our website is not allowed.
Some examples of this are e-mail harvesting programs and programs that will
copy websites to your hard drive. If you feel you have gotten this message
in error, please send an e-mail addressed to admin. Thanks.</p>
<BR>
-Your name.
<BR>
</body>
</HTML>";
exit;
}
?>
That looks like it might be the perfect solution for one of my sites.
Thanks
Here it is,
<% ' Declare browser array browser(0) = "Wget" ' Declaring variables ' Get User Agent Info ' Check Agent punish = 0 If Left(user_agent, 4) = browser(0) Then ElseIf Left(user_agent, 11) = browser(1) Then ElseIf Left(user_agent, 6) = browser(2) Then ElseIf Left(user_agent, 11) = browser(3) Then ElseIf Left(user_agent, 9) = browser(4) Then ElseIf Left(user_agent, 9) = browser(5) Then ElseIf Left(user_agent, 12) = browser(6) Then End If If punish = 1 Then ' Mail the Webmaster Set objMail = Server.CreateObject("CDONTS.Newmail") ' Redirect to access denied page Response.Redirect ("access-denied.html")
Dim browser(6)
browser(1) = "EmailSiphon"
browser(2) = "WebZip"
browser(3) = "MSProxy/2.0"
browser(4) = "EmailWolf"
browser(5) = "webbandit"
browser(6) = "MS FrontPage"
Dim user_agent, host, document, referrer, punish
user_agent = Request.ServerVariables("HTTP_USER_AGENT")
host = Request.ServerVariables("REMOTE_ADDR")
document = Request.ServerVariables("SERVER_NAME")
referrer = Request.ServerVariables("HTTP_REFERER")
punish = 1
punish = 1
punish = 1
punish = 1
punish = 1
punish = 1
punish =1
objMail.To = "rb3@redblue3.com"
objMail.From = "rb3@redblue3.com"
objMail.Subject = "BANNED BROWSER AGENT ERROR"
objMail.Body = "The following session generated banned browser agent errors: Host: " & host & " Agent: " & user_agent &_
" Referrer: " & referrer & " Document: " & document & "."
objMail.Send
Set objMail = Nothing
End If
%>
I'm still getting used to programming in ASP and PHP so some of this could most likely be done in a much more efficient way but I figure it's a start.
punish = 0
FOR index=0 TO UBOUND(browser)
IF Left(user_agent,LEN(browser(index)))=browser(index) THEN
punish=1
END IF
NEXT
Also, instead of redirecting to a new page, would this following code work?
Response.Status = "403 Forbidden - Your UA blows goats."
response.end
Cheers, Robin
if ($punish == 1) { # Banned agent is put to sleep
sleep(60);
Is there an ASP equivilant of this sleep command?
Sorry
RE: Line 3 in the download
# This script is freeware as long as this header remains intact
A reminder...this script is freeware regardless.
Key Master (Unretired my early '80s nick)
aka Froggyman
if ($user_agent =~ /well-known-email-harvester/) {
for (1...5000) {
print &generate_bogus_email(),"<br>\n";
}
}
I figure if it's going to be incrementing some dumb counter for a while you might as well doing something productive with your clock cycles.
If it's email addies they want, it's email addies they get.... by the truckload! Mauahahahahaha
I'm looking for input on how to store the log file. If you had a choice, would most of you prefer a single log file or a new log file created automatically by the script for each day of the week? Is the latter option feasible for all servers?
