Last 12 months I got over 1900 hits with this signature. All of them MSIE, 90%+ older than 8.0. 4 were proxies in RIPE, ARIN and APNIC, of which 2 were serving a bad neighbourhood in RIPE. Almost half were demented brute force WordPress login attempts, which I admit skews the stats more than a tad.

With few exceptions, the rest were up to no good that I could make out.


Life's too short. Unless your income hangs on clicks from people buying stuff on their lame-ass employer's time, just deny legacy MSIE prior to 8.

If as a result of this your front door gets kicked-in by large dudes packing heat, say you were only following my tip, and forward them to me.

Many thanks for your reply and feedback.

Life's too short. Unless your income hangs on clicks from people buying stuff on their lame-ass employer's time, just deny legacy MSIE prior to 8.

I cannot do that, in fact I was using IE 6 until just recently, and merely upgraded to 7.
Ver 8. is out of the question because I'm not upgrading to SP3.

Each webmaster must determine what is beneficial or detrimental to their own websites. There's not a one-fits-all.

That's what continues to make this forum so beneficial.

keyplr and I have many of the same IP's and UA's denied, however we each have some different IP's and UA's open.
And that is only one comparison of two forum participants.

Most everybody has Linux UA's open and I deny Linux, guess that makes me narrow-minded ;)
On the other hand, I've a recent thread on the earliest WebTV's, which I allow.

Won't get any visits from me, then. I've been using Linux for two or three years now. :)

And MSIE 6 should be completely rejected, although I do still permit a subset of IE6 UAs. It's been obsolete for years, even by MS standards (MS hasn't issued any IE6 bug fixes for years - it's a death-trap!). Trouble is, anything before XP cannot run anything earlier than MSIE7 - thanks the gods for FF and Opera! :)

FF doesn't function with page anchors (see my badly place thread in the CSS forum).

I'm still behind on FF and only recently changed to 7.0.

I'm so fed with MS products and updates (the reason for my refusal to update). After installing IE 7 yesterday the updates began pouring in. One of the updates was a font, which has changed the appearance of Copernic Tool, which I use heavily. I'm not a happy camper.

Won't get any visits from me,

You don't give two hoots about widgets any way ;)

I do still permit a subset of IE6 UAs

Uh?.

anything before XP cannot run anything earlier than MSIE7

That's surely not true?

Like I said, block 'legacy everything'. You won't be disappointed, I know I'm not, and I have the stats to back that up.

stats to back that up.

FWIW and not to be a bore?

Each webmaster must determine what is beneficial or detrimental to their own websites. There's not a one-fits-all.

If one shoe fit all, than there'd be a standard htaccess in the common CP's that is open-source.

Additionally, everybody would have jumped on the white-listing bandwagon, and black-listing wouldn't even function.
Course Bill doesn't refer to black-listing as "modern technology" ;)

I stand by what I posted. I'm happy to see it labelled as a Minority Report. Can we move on?

Can we move on?

I don't believe "we" may move anywhere.

Each webmaster must determine what is beneficial or detrimental to their own websites. There's not a one-fits-all.

Has been a "standard" in this forum for more than a decade.
You've merely been here a few days and primarily because somebody pasted a bit of your code in the Apache Forum.

Thanks anyway for your advice.

Life's too short. Unless your income hangs on clicks from people buying stuff on their lame-ass employer's time, just deny legacy MSIE prior to 8.

Bad advice

block 'legacy everything'.

Very bad advice


Whitelist and the bots using browser UAs will be filtered, while legit customers using old browsers will still be able to buy your goods. I see it all the time.

iamzippy - IE6 UAs (as with all UAs) change in several ways depending on "real" human or bot, what extras are installed, what headers it sends etc. I permit a subset of those whilst logging all IE6 accesses as "suspicious".

> anything before XP cannot run anything earlier than MSIE7

My error. It should have read...

"anything before XP cannot run anything later than MSIE6"

dstiles - over HTTP/1.0, MSIE below 8.0 is invariably bad news. Above 7.0, it's probably bad news. The evidence is hidden in plain sight.

I don't understand why folks make this stuff out to be more complicated than it is.

Did I mention http/1.0? That shows up in a number of other ways as well, all covered. I wouldn't say ANY real browser uses 1.0 any more, surely?

Did I mention http/1.0?

No. And no-one ever seems to. It's definitely part of the mix.

It's definitely part of the mix.

I thought it was MSIE.something, but just did a spot check and that isn't the variable after all. Satellite internet possibly? In the specific area I checked, that's a huge proportion of users.

I'm still trying to hammer out the right configuration of MSIE 5 + Mac. Met one the other day that I could swear was human-- totally plausible configuration of query, subsidiary pages, IP location etc-- except that it professed to be on MSIE 5.5 for Mac, which doesn't exist :( <=4 is implausible enough to exclude. Has to be in the 5.0 to 5.2.3 range and then only for Mac; don't remember meeting a human Windows user with 5.anything.

iamzippy - the thing to remember here is that in this forum we do not mention all of the ways in which we protect our servers and sites. To do so would reduce the effectiveness by giving black hats all our defense techniques.

Like me, I'm sure many people here have their specific methods and they are not going to divulge them in open forum, nor to anyone they do not personally know and trust. We speak in general terms and of generally known techniques but there are other, more hidden methods also in use.

One of my sites in addition to selling products, has a lot of edu articles so it's very popular with schools, libraries, municipal, military, etc. They all seem to use older browser builds and their server link-checkers are most often config'd http/1.0.

If I were to block http/1.0 and legacy browsers, I'd loose 20% of my legit traffic.

I reject link checkers, apart from the occasional in-browser checker, but usually gently - I do not block the IP for the most part unless it's very aggressive.

For the rest, I agree in general. I don't think I have any 1.0-based browsers but some of the bots I allow still use it.

Sorry guys. Notwithstanding the condescending head-patting by the Royal 'we', I stand by my proposition, but I plainly forgot to include the usual statement of the bleeding obvious: ymmv. My sincere apology goes to any and all extraordinarily dense webmasters out there that didn't get it.

I'd loose 20% of my legit traffic

Hmm. Does that mean I can get off this 'naughty step' now?

One of my sites in addition to selling products, has a lot of edu articles so it's very popular with schools, libraries, municipal, military, etc. They all seem to use older browser builds and their server link-checkers are most often config'd http/1.0.

If I were to block http/1.0 and legacy browsers, I'd lose 20% of my legit traffic.

Ditto.

Matter of fact, the previous time I posted, I forgot that I did recently take a closer look at those 1.0s. (Found the notes while looking up something else, duh.) This was within a pre-screened pool that has to be at least 98% human. Among those IPs that I recognized, many are in the remote fringes of Canada. That's satellite-internet country. You may have a cable coming out of the wall, but at the far end of that cable is a satellite receiver. Nothing else is physically possible.

There were also a heck of a lot of MSIE 6, though looking at the same pool between last fall and today, it looks as if a few of them finally got upgraded to 9. (Government offices, so you use what they give you.) If you have a slow connection there's not much point to upgrading your browser, because all that zippy new stuff would take hours to load anyway.

But there's still no such thing as MSIE 5.5 for Mac ;)

@iamzippy

I wasn't talking to you. I was commenting on dstiles post.

I wasn't talking to you.

Here, here! point taken ;)