Here is the way our website "blocks" access for bad userAgent strings... Note that this isn't perfect, but if you asp.net on your machine, this works pretty well. badBots string on the blacklist.ascx page is the comma delimited "start" of the userAgent that is bad... ie, instead of having a separate entry for Educate Search V6B, Educate Search V32B, etc, I have an entry for "Educate Search"...

THis will only help on sites that only use ASP.NET

I hope this helps someone. I launched it so far and it works well. I have an email function that also gets called when a bad bot goes to our site, so I know that they tried to visit. I actively track all visits on the site, so I can then see if they found a way in (usually not). So this is pretty successful. My next project is to make this add the bad bots dynamically... probably into a textfile using a badBot trap. We'll see :)

Scott

== START page blacklist.ascx... ==

<script language="VB" runat="server">
public badBots as string = "Mozilla/3.0 (compatible; Indy Library),CBrowse,DBrowse,DDemo,Demo Bot,DSurf15a,EBrowse,Educate Search,Franklin Locator,FSurf15a,Full Web Bot,Industry Program,Mac Finder,Missauga Locate,Missigua Locator,PBrowse,PEval,Production Bot,PSurf15a,RBrowse,RSurf15a,SSurf15a"

private function get_ua_status()
dim status as boolean = false
dim ua as string = Request.UserAgent
dim badBotsArray as array = badBots.split(",")
dim badBotsSize as integer = uBound(badBotsArray)
dim i as integer = 0

do while (i <= badBotsSize)
if (left(ua, len(badBotsArray(i))) = badBotsArray(i)) then
status = true
exit do
end if

i = i + 1
loop

return status
end function
</script>

== end blacklist.ascx ==

== start global.asax ==

<!--#include file="blacklist.ascx"-->

<script language="VB" runat="server">
Sub Session_start(sender as object, e as eventargs)
dim status as boolean = get_ua_status()

if (status = true) then
response.redirect([Blacklist Page URL goes here])
end if
End Sub
</script>

== end global.asax ==