how can i block this user agent through mod_rewrite
"Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)"
and is this agent will affect all the IE 6 users ?
and whats is the difference between the one above and this one :
Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; InfoPath.2; .NET CLR 2.0.50727; .NET CLR 3.0.04506.30)?
There's a bot that's taken to trolling my site. I'd like to block it.
1) Is there a relatively straightforward way through cPanel that I can do this?
2) Failing that, via adding some code to a page on my site (I've seen some code when googling on the 'net, but I'm new to this, and don't even know where such code belongs. As far as I can tell, depending on the bot, sometimes severe measures may need to be taken. However, from my limited reading, it seems that appropriate editing of .htaccess might do it.)
I have a SSG-320M I manage, and would like to know if I can block traffic to our web servers based on the user agent hitting us? I know user agents that keep using more and more IP addresses to crawl us, one already taking up some 30 or 40 addresses under my policies and its a pain to identify these by hand and keep updating the firewall every few days to add new IP addresses for them. Is there somewhere I can add part of the user agent I do not want to ever see again? Right now I do this by having a policy at the top saying "BadBotsGroup" is denied. But I want to deny anyone with a user agent "OneUserAgent" or "SecondUserAgent"
It seems so important and simple, but I do not see anything about being able to do this. Thanks for help and pointers. Right now we have special code at the top of our sites that blocks these bots, but I would much rather do it in one location at the firewall.
I'm trying to deny from the block of "192.168.1" without much success. Could someone around here divulge the error of my ways?
Here is the exact code I have in my .htaccess file:
Code:
AuthName "Test"
AuthType Basic
<Limit GET POST>
order deny,allow
deny from all
allow from 192.168.1.
</Limit>
I have a rewrite for mobile clients :
RewriteEngine On
RewriteCond %{HTTP_USER_AGENT} "android|blackberry|iphone|ipad|nokia" [NC]
RewriteRule ^$ https://www.myudomain.com/Mobile [L,R=302]
My mobile site is HTML5 written and old phones doesn't support it. How to exclude f.x. old nokias - like 6220 and rewrite old phones to /Mobile_old?
I have tried, without success, to block approximately 50 crawlers of the Baidu search engine, in China; since this web site can only sell magazines to people with U.S. addresses. The top 6 lines of my .htaccess file are at the bottom of this post.
Someone in OLM Support gave me the below link to webmasterworld. Since nothing I have tried so far has worked, I would appreciate someone knowledgeable about mod_rewrite and .htaccess letting me know whether I can place those 3 lines at the very top of my .htaccess file, or, if they need to be placed lower in the file. (If so, where?)
how to keep the Baidu crawlers out. The site is on Shared Hosting, so trying to keep them out with iptables or something else is not an option for me. They do not look at the robots.txt file or sitemap.txt file, they just come in....
[url]
If your site is on an Apache server, you can block using mod_rewrite via .htaccess:
RewriteEngine On
RewriteCond %{HTTP_USER_AGENT} ^Baiduspider [NC]
RewriteRule .* - [F]
I included the [NC] which allows for case differences since at least one of the Baidu bots uses "BaiDuSpider"
deny from baidu.com
deny from crawl.baidu.com
deny from 220.181.7.
deny from 123.125.66.
deny from baiduspider-220-181-7-20.crawl.baidu.com
deny from baiduspider-220-181-7-61.crawl.baidu.com
Is there any way to totally block php shell scripts on users accounts, i don't mean like the java shell in cPanel i mean a php shell script like the kind frequently used by hackers...
View 11 Replies View Relatedi have run exim -qff from SSH then i got below error let me know what to do
Code:
root@web [~]# exim -qff
sda7: write failed, user block limit reached.
sda7: write failed, user block limit reached.
sda7: write failed, user block limit reached.
i recently got multiple logs regarding this weird browser user agent,
Browser Agent:
XXX<? echo "w0000t"; ?>XXX
anyone have information regarding this?
My dedi host, was having all sorts of problems with simply just setting up a box, taking them roughly a week, and I'm still waiting for a resolution.
Anyhow,
Windows validation failed, I contacted them to open up a ticket, They wanted the password to root because I've changed the default password they gave me, so I gave them the password
(1)Should I not be doing this, or do you have to give them the password when they ask.
(2)Can this have been resolved without giving them password to root.
They said it'd be resolved in an hour, I emailed them back and they said they'll email me when it's done. But they've closed off the ticket.
(3)Issue hasn't been resolved, how's anyone going to be working on it if the ticket is closed? Shouldn't that ticket be left open till the issue is resolved?
Wow I'm so green behind the ears with all this stuff.
I've setup my ssh to login with keys and passphrase. I would like to do away with passphrases by using agent forwarding. Putty uses Pageant to store private keys, bu from all the tutorials I can find, it's a windows based feature (to add private keys). I've also tried to use ssh-add (a different agent), but it has trouble recognizing my private key passphrase (made with putty). I know the private key is working because I'm able to use use ssh without a password, just the phrase.
What's the best way to do this? Is there a putty pageant command line that I don't know about?
Plesk from plesk server Migration, I want to do
I get the following error.
Error: No Migration & Transfer Agent found. Data migration cannot be performed.
I'd like to upgrade my server from Ubuntu 12.04 to Ubuntu 14.04. The idea is to migrate my actual server (S1) to another one (S2). Then, format and install ubuntu 14.04 with Plesk on S1, and finally migrate the data from S2 to S1. Is it a good solution? Is it possible to do this using only one server? I don't know if I can do it making a backup, install Ubuntu 14.04 and then, restore the data into the server.
However, I have a problem with the migration agent. When I go the migration page, the migration agent tries to update itself and it keep at 0% forever (I attach an screenshot).
I got error, can`t access to panel:
ERROR: Service_Agent_Exception
Unable to read apache features from the service node: [Sat Jan 10 12:25:03.013856 2015] [so:warn] [pid 32541] AH01574: module actions_module is already loaded, skipping
[Sat Jan 10 12:25:03.014058 2015] [so:warn] [pid 32541] AH01574: module auth_digest_module is already loaded, skipping
[Sat Jan 10 12:25:03.014694 2015] [so:warn] [pid 32541] AH01574: module authz_user_module is already loaded, skipping
[Code] ....
I thought I knew enough about my .htaccess stuff to do this, but I can't seem to work it out. What I want to do is if a user visits domain.com/folder, we check to see if the folder exists. If so, show as normal (IE domain.com/support)
If a user visits domain.com/dynamicusername (dynamicusername is not a physical folder), redirect to dynamicusername.domain.com
How can I add nat rule in APF?
I like to create nat rule as below using iptable. But I like to use in APF.
iptables -t nat -A POSTROUTING -s 192.168.7.0/24 -o venet0:3 -j MASQUERADE
what's wrong with the following? (Besides the half-arsed queueing.)
This is a home router/firewall/NAT machine running OpenBSD. It works fine, but I'm getting periodic log entries about it blocking attempts to connect to TCP port 80 on various sites. And it's legitimate sites that show up in the logs when someone visits them. More confusingly than anything, though, everything works fine despite the log entries.
The logs cite rule 19, which, per pftop, is the following:
19 Block In Log Q dc0 tcp 352 28482 0 return-rst inet all
Where have I gone wrong, and what, exactly, is getting blocked? Again, it's legitimate sites that end users are actually connecting to, not some nefarious thing we've never heard of.
#
int_if = "rl0"
ext_if = "dc0"
# Define a list of IPs that shouldn't ever make it in/out!
nonroute = "{ 192.168.0.0/16, 127.0.0.0/8, 172.16.0.0/12, 10.0.0.0/8, 0.0.0.0/8, 169.254.0.0/16, 192.0.2.0/24, 204.152.64.0/23, 224.0.0.0/3, 255.255.255.255/32 }"
# Defrag incoming packets!
scrub in all
## QUEUE TO GO HERE
##
altq on $ext_if bandwidth 750Kb hfsc queue { ack, game, dns, ssh, bulk }
queue ack bandwidth 75% priority 7 qlimit 500 hfsc (realtime 50%)
queue dns bandwidth 7% priority 6 qlimit 500 hfsc (realtime 5%)
queue game bandwidth 7% priority 6 qlimit 500 hfsc (realtime 5%)
queue ssh bandwidth 5% priority 5 qlimit 500 hfsc (realtime 5%)
queue bulk bandwidth 5% priority 1 qlimit 500 hfsc (realtime 5% default)
# Do NAT
nat on $ext_if from 192.168.1.0/24 to any -> $ext_if
# Skip loopback
pass out quick on lo0 from any to any
pass in quick on lo0 from any to any
# No sense in filtering internal LAN, either
pass out quick on $int_if from any to any
pass in quick on $int_if from any to any
# Block some major crap...
block in log quick on $ext_if inet proto icmp from any to any icmp-type redir
block in quick on $ext_if from $nonroute to any
block out quick on $ext_if from $nonroute to any
## FILTER
# Restrict what ICMP traffic we allow
pass in quick on $ext_if inet proto icmp from any to any icmp-type {
echorep, echoreq, timex, unreach }
block in log quick on $ext_if inet proto icmp from any to any
## TCP
pass in quick on $ext_if inet proto tcp from any to any
flags S/SA keep state
# Let UDP and ICMP out
pass out quick on $ext_if inet proto udp all keep state
pass out quick on $ext_if inet proto icmp from any to any keep state
# Pass out!
pass out quick on $ext_if inet proto tcp from any to any port ssh queue (ssh)
pass out quick on $ext_if inet proto tcp from any to any
flags S/SA keep state queue (ack)
pass out quick on $ext_if inet proto udp all keep state
pass out quick on $ext_if inet proto icmp from any to any keep state
# Now, we block everything else
block return-rst in log quick on $ext_if inet proto tcp from any to any
block return-icmp in log quick on $ext_if inet proto udp from any to any
block in quick on $ext_if all
I've just moved a few webistes from Linux to Windows and I'm using IIS to run them. Does anybody know of any free alternatives to ISAPI_REWRITE so I can use mod_rewrite per account?
View 8 Replies View RelatedIts October and I have a Server at home with me running NO CONTROL PANEL... I have been using it for 5 years now... But my problem is my mod_rewrite is not working... I have tried fixing it... But I can't find it in the httpd.conf file where I heard it was at... They said it came by default by Apache..
I'm running Apache2.2.4, Fedora Core 7), PHP 5, MySQL 5.... I don't see the mod_rewrite on there....
I have few subdomains pointing to a directory (using dedicated ip an A record)
I need the following rewrite rules:
[url]--> [url]
[url]--> [url]
[url]--> [url]
How can I do this?
I have to write Rewrite rule at .htaccess file
[url]
goes to
[url]
How to rewrite a url for example. I purchased ssl for example.com and when i take [url], it gives ssl domain mismatch error.
ie i want to rewrite
[url]
We installed csf firewall in main node and we have following error when try to start firewall, how can resolve this issue?
[root@m5088 csf]# csf -s
Error: The VPS iptables rule limit (numiptent) is too low (400/400) - stopping firewall to prevent iptables blocking all connections, at line 123
I have a list of categories that i want to rewrite the URL to display the names instead.
I'm using this:
RewriteMap catlist txt:C:/web/apache2/htdocs/catnames.txt
RewriteRule ^/cats/(.*)$ /categories.php?catid=${catlist:$1|0}
catnames.txt consists of
CategoryName 6
AnotherCatName 8
OnemoreCatName 9
.....
and so on.
This works fine on my local windows PC since i'm using httpd.conf to set this up.
When i use this on my server under .htaccess, the error log says "RewriteMap" not allowed here.
I it only to find out that i cant use RewriteMap under .htaccess... Is there any other alternative to achieve this without listing all the category names with corresponding rewriteurl statements in my .htaccess file?
I have installed a Apache server version 1.3.33 on windows XP and would like to enable mod_rewrite so i can rewrite my ugly url´s. How do I install this great feature in Apache so i can test it locally?
Do i just remove # from
#LoadModule rewrite_module modules/mod_rewrite.so
#AddModule mod_rewrite.c
I've lots of:
[warn] RewriteCond: NoCase option for non-regex pattern '-f' is not supported and will be ignored.
[warn] RewriteCond: NoCase option for non-regex pattern '-d' is not supported and will be ignored.
Any ideas how to track them?
does mod-rewrite consume ram?
actually found in new vb discussion of seo friendly urls and mod rewrite was an option for most friendly url, so wanted to know if constant usage of mod-rewrite adds additional load to the server or not?
forum which I and my friends use are pretty big more than 6k in a forum and other above 25k, with 250k posts in 1 forum and 600k posts in the other, so just give me an idea on wat can happen due to constant overwritten?
So I've setup a server heres the spec provided by Webmin
Operating systemUbuntu Linux 8.10
Webmin version1.470
Time on systemSun Mar 29 18:56:12 2009
Kernel and CPULinux 2.6.27-11-server on i686
System uptime5 days, 19 hours, 42 minutes
I'm struggling with mod_rewrite their seems to be no such thing...
Its not mentioned in the apache2.conf or httpd.conf, httpd.conf was blank previously but I added in certain things to get php working but I cannot get mod_rewrite working, which brings the question forward what else am i missing?
I started out with the aim of blocking the ability of viewing directories.
Quote:
Loaded Modules core mod_log_config mod_logio prefork http_core mod_so mod_alias mod_auth_basic mod_authn_file mod_authz_default mod_authz_groupfile mod_authz_host mod_authz_user mod_autoindex mod_cgi mod_deflate mod_dir mod_env mod_mime mod_negotiation mod_php5 mod_setenvif mod_status mod_vhost_alias
So how can I go about getting mod_rewrite setup and/or what ever else I'm missing that I might find essential later on once I have everything setup?
I am struggling to get this .htaccess file to work with lighttpd, i am not a coder so its very hard for me to fix it, hopefully if someone knows how can tell me how to write rewrite code that will get it working.
{quote}
1. Comment the 2 lines below if the server returns 500 errors!
Options -Indexes
Options +FollowSymLinks
#Uncomment following lines if you want to use image caching!
#<IfModule mod_expires.c>
1. ExpiresActive On
2. ExpiresDefault A1209600
3. ExpiresByType text/html A1
#</IfModule>
1. Uncomment following lines if Apache doesnt support MultiViews!
<IfModule mod_rewrite.c>
RewriteEngine On
1. Uncomment the 2 lines below if you are using www.domain.com # as the baseurl for the site and users access your site # via domain.com (THIS IS REQUIRED FOR JQUERY TO WORK)
#RewriteCond %{HTTP_HOST} ^domain.com [NC]
#RewriteRule ^(.*)$ http://www.domain.com/$1 [L,R=301]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule .* loader.php [L,QSA]
</IfModule>
1. Edit below lines and set to
2. ErrorDocument CODE /RELATIVE/error.php
3. If the script is installed in the default document
4. root then relative is null.
#ErrorDocument 401 /error.php
#ErrorDocument 403 /error.php
#ErrorDocument 404 /error.php {/quote}
looks like its calling the rule from loader.php file, now how can i convert this to lighttpd language,
I have been using apache and php-cgi and it works well together but when I tried to use
mod_rewrite it stopped working and I got "Internal Server Error" result.
Apache error log showed "FastCGI: incomplete headers (0 bytes) received from server"
I think that mod_rewrite rules are ok because when I refer to some HTML file then it all works.
Apache 2.2.14 and php 5.2.11