Blocking Automated Scanners Against Your Website.
Credits: Cyberb0y.
We all know that there has been a vast development in automated vulnerability scanners. There are countless private , public , free commercial automated web vulnerability scanners. And since they are available all over the internet so it has become a easy thing for anyone to find out vulnerability in your website by running automated scanner against your website. And that results in problems for the webmasters. Even if the vulnerability is not detected but it affects the website as any automated scanner send numerous request to the website in order to conduct the vulnerability scan. And thereby the website gets affected in terms of the bandwidth or if any vulnerability is found it might get exploited. So better make an arrangement before to stop people using automated scanners on your website.
This can be done by just adding few code to your .htaccess file on your server.
THE CODE IS AS FOLLOWS ===>>>
RewriteEngine On
< IfModule mod_rewrite.c
>
RewriteCond
%{HTTP_USER_AGENT}
^w3af.sourceforge.net
[NC,OR]
RewriteCond
%{HTTP_USER_AGENT}
dirbuster [NC,OR]
RewriteCond
%{HTTP_USER_AGENT}
nikto [NC,OR]
RewriteCond
%{HTTP_USER_AGENT} SF
[OR]
RewriteCond
%{HTTP_USER_AGENT}
sqlmap [NC,OR]
RewriteCond
%{HTTP_USER_AGENT}
fimap [NC,OR]
RewriteCond
%{HTTP_USER_AGENT}
nessus [NC,OR]
RewriteCond
%{HTTP_USER_AGENT}
whatweb [NC,OR]
RewriteCond
%{HTTP_USER_AGENT}
Openvas [NC,OR]
RewriteCond
%{HTTP_USER_AGENT}
jbrofuzz [NC,OR]
RewriteCond
%{HTTP_USER_AGENT}
libwhisker [NC,OR]
RewriteCond
%{HTTP_USER_AGENT}
webshag [NC,OR]
RewriteCond
%{HTTP:Acunetix-Product}
^WVS
RewriteRule ^.*
[URL]http://127.0.0.1/[/URL] [R=301,L]
< /IfModule >
0 comments:
Post a Comment