Blacklisting bots and abusive users

Topics: Developer Forum
Aug 22, 2008 at 9:22 PM
I have been using IIRF for a few months now, and I love it. This week, I wrote some rules that allow me to blacklist bad bots and abusive users from accessing any sites on our servers. In this particular example, I am blocking IP and user agent Java/1.6.0-oem.

RewriteCond %{REMOTE_ADDR}
RewriteCond %{HTTP_USER_AGENT} Java/1.6.0-oem
RewriteRule ^/(.*)$ /$1 [F]

The rewrite rule says match any file to that exact file name, but add the [F] forbidden flag to deliver the 403 error page to the client. I love this method because it allows me to block based on IP address and user agent instead of just the IP like IIS offers. I wrote a post on my blog today with a little more detail:

Blacklisting via Ionic’s Isapi Rewrite Filter

Aug 23, 2008 at 3:25 PM

Thanks, Corey!  Very helpful.