Comments on: How to Block Java user-agents http://www.tacticaltechnique.com/how-to/block-java-user-agents/ Web development with Corey Salzano Fri, 03 Feb 2012 02:45:21 +0000 hourly 1 http://wordpress.org/?v=3.3.1 By: Jdilegge http://www.tacticaltechnique.com/how-to/block-java-user-agents/#comment-53895 Jdilegge Tue, 31 May 2011 22:11:00 +0000 http://www.tacticaltechnique.com/?p=224#comment-53895 There is always some annoying kid that has to start name calling and acting like he is all knowing. Love the post, it is accurate and useful. There is always some annoying kid that has to start name calling and acting like he is all knowing.

Love the post, it is accurate and useful.

]]> By: Jon http://www.tacticaltechnique.com/how-to/block-java-user-agents/#comment-52068 Jon Wed, 04 May 2011 03:33:47 +0000 http://www.tacticaltechnique.com/?p=224#comment-52068 You both have valid points and a bit of name calling. I'm curious to who has the stronger case. You both have valid points and a bit of name calling. I’m curious to who has the stronger case.

]]> By: Corey http://www.tacticaltechnique.com/how-to/block-java-user-agents/#comment-49376 Corey Thu, 31 Mar 2011 19:15:04 +0000 http://www.tacticaltechnique.com/?p=224#comment-49376 Fernando: Because Java bots clog up my error logs and Java bots are used in SQL injection attacks. When other user agents abuse my websites, I will block them, too. This isn't stupid or paranoid. It's been successful for years; look at the date on this post. Sure, idiots can change their user-agents, and I can use other criteria to block their malicious intent. There's no way to escape a server log, and analysis of logs is what helps me create solutions like this. You are wrong about not being able to choose who accesses my website. I can block whatever I want using mechanisms that are built into any modern web server. You would be surprised to learn that lots of servers use whitelists to filter traffic, a step further than the blacklists I maintain. Why should I tolerate attacks when the tools to block the least sophisticated are so easy to use? Fernando:

Because Java bots clog up my error logs and Java bots are used in SQL injection attacks. When other user agents abuse my websites, I will block them, too.

This isn’t stupid or paranoid. It’s been successful for years; look at the date on this post.

Sure, idiots can change their user-agents, and I can use other criteria to block their malicious intent. There’s no way to escape a server log, and analysis of logs is what helps me create solutions like this.

You are wrong about not being able to choose who accesses my website. I can block whatever I want using mechanisms that are built into any modern web server.

You would be surprised to learn that lots of servers use whitelists to filter traffic, a step further than the blacklists I maintain.

Why should I tolerate attacks when the tools to block the least sophisticated are so easy to use?

]]> By: Fernando Cassia http://www.tacticaltechnique.com/how-to/block-java-user-agents/#comment-49371 Fernando Cassia Thu, 31 Mar 2011 19:00:35 +0000 http://www.tacticaltechnique.com/?p=224#comment-49371 Why single-out Java bots and not Silverlight, Flash, and unknown browsers as well?. You will realize how stupid your paranoia is when people change the user agent to "MSIE 9, Win7 x64", and are able to continue crawling your site. If you place a web site on the open internet, it´s to be accesed by any user agent, not just your preference of browsers. I say F´You to people like you and your ilk, who don´t have a clue about what the open internet is all about. FC Why single-out Java bots and not Silverlight, Flash, and unknown browsers as well?.

You will realize how stupid your paranoia is when people change the user agent to “MSIE 9, Win7 x64″, and are able to continue crawling your site.

If you place a web site on the open internet, it´s to be accesed by any user agent, not just your preference of browsers.

I say F´You to people like you and your ilk, who don´t have a clue about what the open internet is all about.

FC

]]> By: Fighting Bots Via Their Bad Requests - PlanetMike's Technology Journal http://www.tacticaltechnique.com/how-to/block-java-user-agents/#comment-4925 Fighting Bots Via Their Bad Requests - PlanetMike's Technology Journal Sun, 07 Jun 2009 13:46:11 +0000 http://www.tacticaltechnique.com/?p=224#comment-4925 [...] access my web site? I’ve also decided to block access to my web site by Java user agents. See How To Block Java User-Agents for someone else’s similar approach to the Java [...] [...] access my web site? I’ve also decided to block access to my web site by Java user agents. See How To Block Java User-Agents for someone else’s similar approach to the Java [...]

]]> By: Corey http://www.tacticaltechnique.com/how-to/block-java-user-agents/#comment-2643 Corey Thu, 26 Feb 2009 04:27:09 +0000 http://www.tacticaltechnique.com/?p=224#comment-2643 Yuri, rewrite rules can be implemented to block IP address ranges: <code>RewriteCond %{REMOTE_ADDR} 213\.93\.196\.\d\d?\d? RewriteCond %{HTTP_USER_AGENT} Java.* RewriteRule ^/(.*)$ /$1 [F]</code> \d represents a single digit in regular expressions, and a question mark ? makes that character optional Yuri, rewrite rules can be implemented to block IP address ranges:

RewriteCond %{REMOTE_ADDR} 213\.93\.196\.\d\d?\d?
RewriteCond %{HTTP_USER_AGENT} Java.*
RewriteRule ^/(.*)$ /$1 [F]

\d represents a single digit in regular expressions, and a question mark ? makes that character optional

]]> By: Yuri http://www.tacticaltechnique.com/how-to/block-java-user-agents/#comment-2621 Yuri Tue, 24 Feb 2009 13:02:20 +0000 http://www.tacticaltechnique.com/?p=224#comment-2621 Thanks for Java-bot explanations. Recently I too have found such and other robots on a site. Many robots steal contents of pages of a site, so the decision to block them is correct. But I do it a little in another way, because the Rewrite Enginerules rules is not convenient for blocking of ranges of IP-addresses, therefore it does a script on PHP, likely: $block= array( "84.120.0.0-84.123.255.255", "122.198.0.0-122.198.255.255", "205.209.128.0-205.209.191.255" ); function checkIP($ip) { for ($i=0; $i= $b_IP && $IP <= $e_IP) return true; } return false; } "Manually" blocking IP and UserAgent is not the best practice, so I use robots detection by pseudo-picture loading and JavaScrips evaluating. But Java-bots loaded all pseudo-pictures and evaluate JavaScrips! One way to detect Java-bots - by UserAgent's field, but it is not so difficult Ñ‚o change this fieled. What to do in this case? Thanks for Java-bot explanations. Recently I too have found such and other robots on a site.
Many robots steal contents of pages of a site, so the decision to block them is correct.

But I do it a little in another way, because
the Rewrite Enginerules rules is not convenient for blocking of ranges of IP-addresses, therefore it does a script on PHP, likely:
$block= array(
“84.120.0.0-84.123.255.255″,
“122.198.0.0-122.198.255.255″,
“205.209.128.0-205.209.191.255″
);
function checkIP($ip) {
for ($i=0; $i= $b_IP && $IP <= $e_IP) return true;
}
return false;
}

“Manually” blocking IP and UserAgent is not the best practice, so I use robots detection by pseudo-picture loading and JavaScrips evaluating. But Java-bots loaded all pseudo-pictures and evaluate JavaScrips!
One way to detect Java-bots – by UserAgent’s field, but it is not so difficult Ñ‚o change this fieled.
What to do in this case?

]]>