Blocking Python and Ruby "User Agent"


#1

I’m having a problem with a server being attacked by so-called “user agents” being sent as “python-requests/2.19.1” (among various other versions), “python-urllib” and “Ruby”. Is there a way to block these “user agents” on a generic level (in CloudFlare) that will block all Ruby, python-requests, and python-urllib versions?

I have already tried Ruby, but I still receive requests from “Ruby” so-called “browsers”. Here is a sample:
188.166.184.185 - - [02/Aug/2018:17:46:23 -0500] “POST /?q=file/ajax/name/%23value/form-klCdlYrPoIchFypyJ9sMYAIjO-5TTyr6lmKjhqRTExE HTTP/1.1” 200 721 “-” “Ruby”
It’s to the point where I’m having to block the entire internet just to stop these requests. Python-requests samples:
142.93.80.100 - - [31/Jul/2018:22:23:13 -0500] “POST /user/register?element_parents=account/mail/%23value&ajax_form=1&_wrapper_format=drupal_ajax HTTP/1.1” 403 21622 “-” “python-requests/2.18.4”
2600:3c02::f03c:91ff:febb:d842 - - [02/Aug/2018:14:11:27 -0500] “HEAD / HTTP/1.1” 200 - “-” “python-requests/2.11.1”
103.205.135.82 - - [02/Aug/2018:16:42:27 -0500] “GET / HTTP/1.1” 200 15477 “-” “python-requests/2.19.1”


#2

This topic was automatically closed after 14 days. New replies are no longer allowed.