SecFilterSelective not working?
- Thread starter MisterNinja
- Start date
I tested
SecFilterSelective HEADER_USER_AGENT "^$"
and
SecFilterSelective HEADER_USER_AGENT ""
not working.the test command is
#curl -A "" -I 127.0.0.1/test.html
however, if not empty, e.g.
SecFilterSelective HEADER_USER_AGENT "chome"
will work as expected -- will forbid Chrome browser to access.
however, you can use rewrite rule to archive the same goal, and much simpler.
RewriteCond %{HTTP_USER_AGENT} ^$
RewriteRule . - [F]
rewriterule is widely used and well tested, it's simpler yet powerful.
SecFilterSelective HEADER_USER_AGENT "^$"
and
SecFilterSelective HEADER_USER_AGENT ""
not working.the test command is
#curl -A "" -I 127.0.0.1/test.html
however, if not empty, e.g.
SecFilterSelective HEADER_USER_AGENT "chome"
will work as expected -- will forbid Chrome browser to access.
however, you can use rewrite rule to archive the same goal, and much simpler.
RewriteCond %{HTTP_USER_AGENT} ^$
RewriteRule . - [F]
rewriterule is widely used and well tested, it's simpler yet powerful.
I think the issue is I am trying to grab the access my site by the domain (root) - that goes through, but everything else doesn't. For some reason that rule isn't applying to /.
77.9.186.5 - - [22/Jun/2012:19:20:55 +0200] "GET / HTTP/1.1" 200 25992 "-" "-"
77.9.186.5 - - [22/Jun/2012:19:20:55 +0200] "GET / HTTP/1.1" 200 25992 "-" "-"
77.9.186.5 - - [22/Jun/2012:19:20:56 +0200] "GET / HTTP/1.1" 200 25992 "-" "-"
77.9.186.5 - - [22/Jun/2012:19:20:56 +0200] "GET / HTTP/1.1" 200 25992 "-" "-"
vs
77.9.186.5 - - [22/Jun/2012:19:20:55 +0200] "GET /index.php HTTP/1.1" 403 25992 "-" "-"
Is there a reason why rules aren't applying to the root?
77.9.186.5 - - [22/Jun/2012:19:20:55 +0200] "GET / HTTP/1.1" 200 25992 "-" "-"
77.9.186.5 - - [22/Jun/2012:19:20:55 +0200] "GET / HTTP/1.1" 200 25992 "-" "-"
77.9.186.5 - - [22/Jun/2012:19:20:56 +0200] "GET / HTTP/1.1" 200 25992 "-" "-"
77.9.186.5 - - [22/Jun/2012:19:20:56 +0200] "GET / HTTP/1.1" 200 25992 "-" "-"
vs
77.9.186.5 - - [22/Jun/2012:19:20:55 +0200] "GET /index.php HTTP/1.1" 403 25992 "-" "-"
Is there a reason why rules aren't applying to the root?
Last edited:
Code:
77.9.186.5 - - [22/Jun/2012:19:20:55 +0200] "GET /index.php HTTP/1.1" 403 25992 "-" "-"i.e., response body's size is 380 bytes. content is
<html>
<head><title> 403 Forbidden
</title></head>
<body><h1> 403 Forbidden
</h1>
Access to this resource on the server is denied!<hr />
Powered By <a href='http://www.litespeedtech.com'>LiteSpeed Web Server</a><br />
<font face="Verdana, Arial, Helvetica" size=-1>LiteSpeed Technologies is not responsible for administration and contents of this web site!</font></body></html>
<head><title> 403 Forbidden
</title></head>
<body><h1> 403 Forbidden
</h1>
Access to this resource on the server is denied!<hr />
Powered By <a href='http://www.litespeedtech.com'>LiteSpeed Web Server</a><br />
<font face="Verdana, Arial, Helvetica" size=-1>LiteSpeed Technologies is not responsible for administration and contents of this web site!</font></body></html>