Forum
Ban specific User Agent(s)
Kai Behning
24 October 2010, 12:57
Hi folks,
I am really impressed about Hiawatha
It's easy to install, not too complicated to configure and, most important, it simply does what I want.
Our website with some galleries from my wife is up and running since a few days, but I have a quite high number of entries in my logfile about a "Morfeus Fucking Scanner". After I have "goggled", I found some hints about this Scaner, and it seems to be a sript, looking for exploits in PHP.
My question is, can I set a configuration parameter to ban this user agent ?? Of course, I can deny access for the IP address by setting a corresponding config entry, but if the scanner uses another IP, I lost again. As far as I understood, the URLToolkit is 'only' for rewriting URI based expressions, but not the user agent instead. Any ideas how to solve this problem ??
Any idea is very appreciated.
Many tx.
Cheers
Kai
Hiawatha version: v7.3
Operating System: CentOS 5.5
I am really impressed about Hiawatha
It's easy to install, not too complicated to configure and, most important, it simply does what I want.
Our website with some galleries from my wife is up and running since a few days, but I have a quite high number of entries in my logfile about a "Morfeus Fucking Scanner". After I have "goggled", I found some hints about this Scaner, and it seems to be a sript, looking for exploits in PHP.
My question is, can I set a configuration parameter to ban this user agent ?? Of course, I can deny access for the IP address by setting a corresponding config entry, but if the scanner uses another IP, I lost again. As far as I understood, the URLToolkit is 'only' for rewriting URI based expressions, but not the user agent instead. Any ideas how to solve this problem ??
Any idea is very appreciated.
Many tx.
Cheers
Kai
Hiawatha version: v7.3
Operating System: CentOS 5.5
Hugo Leisink
24 October 2010, 13:27
You should take a look at the DenyBot option. The following configuration option will probably solve your problem.
VirtualHost {
...
DenyBot = morfeus:/
}
JanH
26 October 2010, 10:11
Hello Kai,
I have discussed a similar issue here, just put it under "Feature requests". You might be interested into this post:
http://www.hiawatha-webserver.org/forum/topic/692
I have discussed a similar issue here, just put it under "Feature requests". You might be interested into this post:
http://www.hiawatha-webserver.org/forum/topic/692
Kai Behning
31 October 2010, 14:11
Hi folks,
sorry for coming back so late, but my provider crashed the virtual server, so I needed a clean install (yes, and of course, no backup from the config file).
Anyway, I have included DenyBot line into my config and we'll see.
Many tx for your quick response.
Cheers
Kai
sorry for coming back so late, but my provider crashed the virtual server, so I needed a clean install (yes, and of course, no backup from the config file).
Anyway, I have included DenyBot line into my config and we'll see.
Many tx for your quick response.
Cheers
Kai
This topic has been closed.
Copyright © by Hugo Leisink. All rights reserved.
Built upon the Banshee PHP framework.
Built upon the Banshee PHP framework.
