I'm trying to block the access to this user agent who's visiting me: Mozilla/5.0 (compatible; Seekport Crawler; http://seekport.com/ (with no ) at the end, its not a fault).
I have tried this one (with two more agents)
RewriteEngine On
RewriteCond %{HTTP_USER_AGENT} OnalyticaBot [NC, OR]
RewriteCond %{HTTP_USER_AGENT} Re-re Studio (+http://vip0.ru/) [NC, OR]
RewriteCond %{HTTP_USER_AGENT} Mozilla/5.0 (compatible; Seekport Crawler; http://seekport.com/ [NC]
RewriteRule .* - [F,L]
I have tried a couple more with this sintax (using entire string and using only "Seekport") but still seeing the agent user asking for in the log
RewriteCond %{HTTP_USER_AGENT} ^.(user_agent1|user_agent2).$ [NC]
Could you help me?
RewriteCond %{HTTP_USER_AGENT} Re-re Studio (+http://vip0.ru/) [NC, OR]
By default, the 2nd argument to the RewriteCond directive is a regular expression (regex), so any meta characters (eg. + and .) need to be properly escaped. But importantly, spaces are delimiters in Apache config files so these also need to be escaped, otherwise, the directive will be wholly invalid. On Apache, the above will result in a fatal error (500 Internal Server Error) due to "bad flag delimiters". On LiteSpeed, it will simply fail silently.
Spaces can be "escaped" by either:
Precede the space with a backslash. eg. \ in hello\ world
Or, use a \s shorthand character class to represent any white-space character. eg. hello\sworld.
Or, enclose the entire argument in double-quotes. eg. "hello world".
[NC, OR] - However, there should be no spaces in the flag delimiters argument. This should be [NC,OR] (no space).
So, the above could be written like this:
RewriteEngine On
RewriteCond %{HTTP_USER_AGENT} OnalyticaBot [NC,OR]
RewriteCond %{HTTP_USER_AGENT} "Re-re Studio (\+http://vip0\.ru/)" [NC,OR]
RewriteCond %{HTTP_USER_AGENT} "^Mozilla/5\.0 (compatible; Seekport Crawler; http://seekport\.com/$" [NC]
RewriteRule ^ - [F]
The regex .* in the RewriteRule pattern can be simplified to just ^ (which is more efficient) and the L flag is not required when using F - it is implied.
If you want to match an entire user-agent string then you can use the = (lexicographical string comparison for equality) prefix operator (together with double-quotes) on the CondPattern to test for an exact match.
For example:
RewriteCond %{HTTP_USER_AGENT} "=This is the exact user-agent I want to block"
RewriteRule ^ - [F]
In the above example, the string This is the ... block is an ordinary string, not a regex.
Related
I would like to know if there is a way to block all user-agents except the one that contains the word "chrome" using .htaccess
I used something like this, but this works unfortunately only if the exact name is given..
RewriteEngine On
RewriteCond %{HTTP_USER_AGENT} !Lynx/2\.8\.8dev\.12 [NC]
RewriteRule ^ - [F,L]
You can just use:
RewriteEngine On
RewriteCond %{HTTP_USER_AGENT} !chrome [NC]
RewriteRule ^ - [F]
Need to block the user agent from .htaccess file with forbidden error. But this effect had to work only with Google, Bing and where there's no user agent at all. This doesn't work:
RewriteEngine On
RewriteCond %{HTTP_USER_AGENT} (Google|Bing||onlytogivespace) [NC]
RewriteRule (.*) - [F,L]
I wrote this but for the null user agent it doesn't seem to work.
Need help please...
RewriteCond %{HTTP_USER_AGENT} (Google|Bing||onlytogivespace) [NC]
RewriteRule (.*) - [F,L]
This will block every user-agent. Because the regex in the RewriteCond directive is checking whether the user-agent contains "" (nothing) - not that it is equal to an empty string. This regex will successfully match every string/user-agent, so will block everything.
To match an empty user-agent, you would need to change the regex to something like: (Google|Bing|^$|onlytogivespace). Note the ^$ to match an empty string.
Additional notes:
You don't need the NC flag on the RewriteCond directive. You know that Googlebot is always Googlebot and bingbot is always bingbot.
No need for the L flag on the RewriteRule directive when using F. L is implied in this instance.
(.*) is not necessary, since you don't need to explicitly match the URL-path and you don't need the backreference.
Not sure what the onlytogivespace is for?
So, this could be rewritten:
RewriteEngine On
RewriteCond %{HTTP_USER_AGENT} (Googlebot|bingbot|^$)
RewriteRule ^ - [F]
I'm trying to get a series of rewrite conditions working, with the logic being this
if condition1 or
(condition2 and condition3) or
..
This is what I have in the .htaccess:
RewriteCond %{HTTP_USER_AGENT} "iphone" [OR,NC]
RewriteCond %{HTTP_USER_AGENT} "android&mobile" [OR,NC]
RewriteCond %{HTTP_USER_AGENT} "iemobile" [NC]
Unfortunately, it looks like the and operator isn't working as I thought it would.
(as you might guess, the idea is to detect android phones but not tablets)
Is there a way to write that and condition to achieve the results I'm looking for?
Thanks.
Unfortunately, the [OR] flag doesn't work as nice enough for it to be useful, it only works for either all "or"'d or all "and"'d conditions. It's not very predictable. What you may need to do is separate them out to several rules and either use the S flag to skip stuff or the pass-through.
Maybe something along the lines of:
# Prevent rewrite looping
RewriteCond %{ENV:REDIRECT_STATUS} 200
RewriteRule ^ - [L]
# if "iphone" OR
RewriteCond %{HTTP_USER_AGENT} "iphone" [NC]
RewriteRule ^ - [S=3]
# "android" AND "mobile", OR
RewriteCond %{HTTP_USER_AGENT} "android" [NC]
RewriteCond %{HTTP_USER_AGENT} "mobile" [NC]
RewriteRule ^ - [S=2]
# "iemobile"
RewriteCond %{HTTP_USER_AGENT} "iemobile" [NC]
RewriteRule ^ - [S=1]
# skip everything, none of the conditions match
RewriteRule ^ - [L]
# apply the rule
RewriteRule ^ /do-something [L]
Looks like a mess but that's mod_rewrite for you.
The first rule is to prevent any sort of internal rewrite looping. The "# skip everything" rule is the one that gets applied if none of the 3 conditions match, it essentially does nothing excepts stops any rewriting. If you have other rules after all of this stuff that you want to get applied, you can replace the L flag with S=1.
The last rule is the rule that gets applied if any of the 3 conditions matches.
The following code works fine:
RewriteCond %{HTTP_REFERER} !^http://superwebx.com/.*$ [NC]
RewriteRule .*\.(jpe?g|gif|bmp|png|swf|css)$ - [F]
but I want to make a generic script serve me for several sites I manage, but fails try to get
RewriteCond %{HTTP_REFERER} !^http://%{HTTP_HOST}/.*$ [NC]
RewriteRule .*\.(jpe?g|gif|bmp|png|swf|css)$ - [F]
You can't use variables inside the regex. You can work around this by using a RegEx backreference like so:
RewriteCond %{HTTP_REFERER} ^https?://([^/]+)/ [NC]
RewriteCond %1#%{HTTP_HOST} !^(.+)#\1$
RewriteRule \.(jpe?g|gif|bmp|png|swf|css)$ - [F]
(note the # is just used as a boundry. It could be any character that isn't used in domain-names.)
Very old one, but here's your answer:
RewriteCond %{HTTP_HOST}##%{HTTP_REFERER} !^([^#]*)##https?://\1/.*
I recently had an RFI attack where the query string had a bunch of ../../../ and I'd like to modify .htaccess to prevent any ../ in the query string.
I was trying this until I realized the period needed to be escaped:
RewriteCond %{QUERY_STRING} ../
RewriteRule .* - [F]
I then changed it to:
RewriteCond %{QUERY_STRING} \.\./
RewriteRule .* - [F]
But it still forbids any / in the query string.
Also, If I have the rule in {REQUEST_URI} would that make the {QUERY_STRING} redundant?
Thanks.
EDIT:
I have had success getting this to work by:
RewriteCond %{QUERY_STRING} (\.\./)
However, RewriteCond %{REQUEST_URI} \.\./ or RewriteCond %{REQUEST_URI} (\.\./) does not. I've also tried /\.\./ & (/\.\./)
The %{QUERY_STRING} is everything after the ?, so your rules successfully block a URL like htis:
http://domain.com/blah.php?../../../path
But your URI won't be checked. You can check against both by amending your rule:
RewriteCond %{QUERY_STRING} \.\./ [OR]
RewriteCond %{REQUEST_URI} \.\./
RewriteRule .* - [F]