Ban UserAgent
-
- Posts: 7
- Joined: Mon Jun 01, 2009 3:36 pm
Ban UserAgent
Hi,
i'm not sure if this is an error or if I'm chuckleheaded.
I tried to Ban several Useragents but the bans didn't take effekt. One goal is to ban the Radio-Toolbox (server crashes with segmentation fault after a few days of monitoring with RTB, tired several times). I also want to restrict the access to the GUI for "normal" users. I know that it is possible to fake UAs and that this is not 100% secure.
11/07/2009@22:02:27> [serv] User-Agent: Mozilla/5.0 was banned!
<11/07/2009@22:02:35> [dest] <217.xxx.xxx.xxx> [200] (OK) "Request: GET /" {UA: Mozilla/5.0 (Windows; U; Windows NT 5.2; de; rv:1.9.0.15) Gecko/2009101601 Firefox/3.0.15}
<11/07/2009@22:05:34> [dest] <217.xxx.xxx.xxx> [200] (OK) "Request: GET /" {UA: Mozilla/5.0 (Windows; U; Windows NT 5.2; de; rv:1.9.0.15) Gecko/2009101601 Firefox/3.0.15}
Maybe there is a mistake from my side. I tried several combinations: complete agent or only a part.
Config's reloaded and server restarted; banfile is created and readable
$ cat steamcast.ban
IP:77.xxx.xxx.xxx
UA:Mozilla/4.0(compatible; RadioToolbox/v1.1.1
UA:{UA: Mozilla/5.0 (X11; U; Linux i686; de; rv:1.9.0.14) GeckoMozilla/5.0
UA:Mozilla/5.0
Any idea?
Greetings
DJ Nightfly
i'm not sure if this is an error or if I'm chuckleheaded.
I tried to Ban several Useragents but the bans didn't take effekt. One goal is to ban the Radio-Toolbox (server crashes with segmentation fault after a few days of monitoring with RTB, tired several times). I also want to restrict the access to the GUI for "normal" users. I know that it is possible to fake UAs and that this is not 100% secure.
11/07/2009@22:02:27> [serv] User-Agent: Mozilla/5.0 was banned!
<11/07/2009@22:02:35> [dest] <217.xxx.xxx.xxx> [200] (OK) "Request: GET /" {UA: Mozilla/5.0 (Windows; U; Windows NT 5.2; de; rv:1.9.0.15) Gecko/2009101601 Firefox/3.0.15}
<11/07/2009@22:05:34> [dest] <217.xxx.xxx.xxx> [200] (OK) "Request: GET /" {UA: Mozilla/5.0 (Windows; U; Windows NT 5.2; de; rv:1.9.0.15) Gecko/2009101601 Firefox/3.0.15}
Maybe there is a mistake from my side. I tried several combinations: complete agent or only a part.
Config's reloaded and server restarted; banfile is created and readable
$ cat steamcast.ban
IP:77.xxx.xxx.xxx
UA:Mozilla/4.0(compatible; RadioToolbox/v1.1.1
UA:{UA: Mozilla/5.0 (X11; U; Linux i686; de; rv:1.9.0.14) GeckoMozilla/5.0
UA:Mozilla/5.0
Any idea?
Greetings
DJ Nightfly
- Jay
- Will work for food (Administrator)
- Posts: 3022
- Joined: Mon Jan 14, 2002 12:48 am
- Location: Next Door
- Contact:
Re: Ban UserAgent
You need to ban the full url, no wild card or partial bans.
In your example "Mozilla/5.0 (Windows; U; Windows NT 5.2; de; rv:1.9.0.15) Gecko/2009101601 Firefox/3.0.15" would be the ban string needed.
In your example "Mozilla/5.0 (Windows; U; Windows NT 5.2; de; rv:1.9.0.15) Gecko/2009101601 Firefox/3.0.15" would be the ban string needed.
- Jay
-
- Posts: 7
- Joined: Mon Jun 01, 2009 3:36 pm
Re: Ban UserAgent
Hi jay,
thx for your reply.
I've banned the whole UA or better tried to ban.
Steamcast truncated the user agent:
Banned:
Mozilla/5.0 (Windows; U; Windows NT 5.2; de; rv:1.9.0.15) Gecko/2009101601 Firefox/3.0.15
Steamcast's log:
[serv] User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.2; de; rv:1.9.0.15) Ge was banned!
Steamcast's banfile:
$ cat steamcast.ban | grep UA
UA:Mozilla/5.0 (Windows; U; Windows NT 5.2; de; rv:1.9.0.15) Ge
:/
thx for your reply.
I've banned the whole UA or better tried to ban.
Steamcast truncated the user agent:
Banned:
Mozilla/5.0 (Windows; U; Windows NT 5.2; de; rv:1.9.0.15) Gecko/2009101601 Firefox/3.0.15
Steamcast's log:
[serv] User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.2; de; rv:1.9.0.15) Ge was banned!
Steamcast's banfile:
$ cat steamcast.ban | grep UA
UA:Mozilla/5.0 (Windows; U; Windows NT 5.2; de; rv:1.9.0.15) Ge
:/
- Jay
- Will work for food (Administrator)
- Posts: 3022
- Joined: Mon Jan 14, 2002 12:48 am
- Location: Next Door
- Contact:
Re: Ban UserAgent
hmm ok, I will check to make sure I am not placing too strict a limit on string sizes.
- Jay