Apache prohibits the designation of usre_agent

Source: Internet
Author: User

Sometimes to analyze the access log when there will be a lot of illegal access, or you do not want it to access some of the requests, such as some of the more garbage spider search engine, in fact, we can be banned from these search engines, because your website visit volume of the request if very large, Then half of the traffic will be accessed by their crawlers, and their access is the same as human access, which can also be a burden on our servers.

Check the Access log

[Email protected] ~]# Tail/usr/local/apache2/logs/test.com-access_

Test.com-access_20151230_log Test.com-access_20151231_log Test.com-access_20160101_log Test.com-access_log

[Email protected] ~]# Tail/usr/local/apache2/logs/test.com-access_20160101_log

192.168.140.2--[01/jan/2016:11:34:15 +0800] "Get/admin.php?action=recyclebin http/1.1" 403 211 "http://www.test.com/ Home.php?mod=space&do=notice&view=manage "" mozilla/5.0 (Windows NT 6.1) applewebkit/537.36 (KHTML, like Gecko) chrome/39.0.2171.99 safari/537.36 2345explorer/6.4.0.10751 "

192.168.140.2--[01/jan/2016:11:34:11 +0800] "get/misc.php?mod=patch&action=pluginnotice&inajax=1& Ajaxtarget=plugin_notice http/1.1 "http://www.test.com/forum.php" "mozilla/5.0 (Windows NT 6.1) applewebkit/ 537.36 (khtml, like Gecko) chrome/39.0.2171.99 safari/537.36 2345explorer/6.4.0.10751 "

192.168.140.2--[01/jan/2016:11:34:12 +0800] "get/misc.php?mod=patch&action=pluginnotice&inajax=1& Ajaxtarget=plugin_notice http/1.1 "Http://www.test.com/home.php?mod=space&do=notice&view=manage" " mozilla/5.0 (Windows NT 6.1) applewebkit/537.36 (khtml, like Gecko) chrome/39.0.2171.99 safari/537.36 2345explorer/ 6.4.0.10751 "

192.168.140.100--[01/jan/2016:11:34:54 +0800] "HEAD http://www.test.com/data/info.php http/1.1" 403-"-" "curl/7.19.7 (I386-REDHAT-LINUX-GNU) libcurl/7.19.7 nss/3.19.1 Basic ECC zlib/1.2.3 libidn/1.18 libssh2/1.4.2 "

127.0.0.1--[01/jan/2016:12:53:57 +0800] "HEAD http://www.test.com/data/info.php http/1.1"-"-" "curl/7.19.7 (i386- REDHAT-LINUX-GNU) libcurl/7.19.7 nss/3.19.1 Basic ECC zlib/1.2.3 libidn/1.18 libssh2/1.4.2 "

127.0.0.1--[01/jan/2016:13:29:43 +0800] "HEAD http://www.test.com/data/info.php http/1.1" 403-"-" "curl/7.19.7 (i386- REDHAT-LINUX-GNU) libcurl/7.19.7 nss/3.19.1 Basic ECC zlib/1.2.3 libidn/1.18 libssh2/1.4.2 "

192.168.140.100--[01/jan/2016:13:29:55 +0800] "HEAD http://www.test.com/data/info.php http/1.1" 403-"-" "curl/7.19.7 (I386-REDHAT-LINUX-GNU) libcurl/7.19.7 nss/3.19.1 Basic ECC zlib/1.2.3 libidn/1.18 libssh2/1.4.2 "

192.168.140.100--[01/jan/2016:13:30:07 +0800] "HEAD http://www.test.com/HTTP/1.1" 403-"-" "curl/7.19.7 (i386-redhat- LINUX-GNU) libcurl/7.19.7 nss/3.19.1 Basic ECC zlib/1.2.3 libidn/1.18 libssh2/1.4.2 "

192.168.140.2--[01/jan/2016:13:30:19 +0800] "get/http/1.1" 403 202 "-" "mozilla/5.0 (Windows NT 6.1) applewebkit/537. (khtml, like Gecko) chrome/47.0.2526.106 safari/537.36 "

192.168.140.2--[01/jan/2016:13:30:19 +0800] "Get/favicon.ico http/1.1" 403 213 "http://www.test.com/" "mozilla/5.0 (Wi Ndows NT 6.1) applewebkit/537.36 (khtml, like Gecko) chrome/47.0.2526.106 safari/537.36 "

Here again Curl access: "curl/7.19.7 (I386-REDHAT-LINUX-GNU) libcurl/7.19.7 nss/3.19.1 Basic ECC zlib/1.2.3 libidn/1.18 libssh2/ 1.4.2 "

Chrome access to chrome/39.0.2171.99 safari/537.36 2345explorer/6.4.0.10751 "

We can try to cut them off.

[Email protected] data]# vim/usr/local/apache2/conf/extra/httpd-vhosts.conf

<ifmodule mod_rewrite.c>

Rewriteengine on

Rewritecond%{http_host} ^www.aaa.com$ [OR]

Rewritecond%{http_host} ^www.bbb.com$

Rewriterule ^/(. *) $ http://www.test.com/$1 [r=301,l]

Rewritecond%{http_user_agent} ^.*curl.* [Nc,or]

Rewritecond%{http_user_agent} ^.*chrome.* [NC]

Rewriterule. *-[F]

</IfModule>

Add these 3 lines here, it is also used rewrite, first define its conditions, [NC] is case-insensitive, [F] is forbidden

We use Chrome to visit and ask:

650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M02/79/1C/wKiom1aJOXLi6fWRAAA_loUr6is755.png "title=" 1.png " alt= "Wkiom1ajoxli6fwraaa_lour6is755.png"/>

Then we use Curl to access:

[Email protected] ~]# curl-x192.168.140.100:80 Www.test.com-I

http/1.1 403 Forbidden

Date:fri, 05:42:09 GMT

server:apache/2.2.31 (Unix) php/5.3.27

content-type:text/html; Charset=iso-8859-1


Apache prohibits the designation of usre_agent

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.