Excerpt |
---|
You may have experience that your website is so slow without any huge traffic-it will be something associated with a bot developed by someone. We have two three different options to block abnormal user access in Apache; : 1) set a global policy in the Apache httpd.conf 2) set a local policy based in on ReWrite Rule in .htaccess. 3) Make a 404 not found error based on the user agent. |
How to set a global policy in the Apache /etc/httpd/conf/httpd.conf ?
...
Code Block |
---|
<IfModule mod_rewrite.c> RewriteEngine On RewriteCond %{HTTP_USER_AGENT} !Mozilla^([^\/]+)\/(\d+)\.(\d+)[^\(]+\(([^\;]+)[^\)]+\) [NC] RewriteRule ^ - [F] </IfModule> |
Once you modify the rule in httpd.conf, you should run below commands to take it effect
Code Block |
---|
sudo systemctl restart httpd # on CentOS/RHEL sudo systemctl restart apache2 # on Debian/Ubuntu |
...
Code Block |
---|
RewriteEngine On RewriteCond %{HTTP_USER_AGENT} !Mozilla^([^\/]+)\/(\d+)\.(\d+)[^\(]+\(([^\;]+)[^\)]+\) [NC] RewriteRule ^ - [F] |
How do I block in my php code?
...
Code Block |
---|
# block abnormal connection if (!preg_match("/^Mozilla/([^\/]+)\/(\d+).(\d+)[^\(]+\(([^\;]+)[^\)]+\)/", getenv('HTTP_USER_AGENT'))) { http_response_code(404); exit; } |
...