Blocking Site Visitors by User Agent
One of my sites was receiving a lot of hits with a user agent of Mozilla/4.0 (compatible; ICS), within a very short timeframe (requests within the same second), from a huge variety of IP addresses.
A quick look around showed ‘compatible; ICS’ is probably not a person or search engine.
I checked several IP addresses that used that user agent at: Project HoneyPot, and most of them were listed as potential sources of dictionary attacks and spam senders.
A common reaction to this is to block the requests by user agent, and that’s what I did, using:
RewriteCond %{HTTP_USER_AGENT} (compatible;\ ICS)
RewriteRule ^ - [F]
These must go before any other RewriteRules.
To test the site and ensure it still runs properly, I used Bots vs. Browsers, which allows you to request pages using a specific user agent string. Be sure to check the page with user agents that include the string you want to block, and those which should be allowed.
Print article | This entry was posted by elvis on 02/25/11 at 05:08:37 am . Follow any responses to this post through RSS 2.0. |