Firewall - tools - User Agent Blocking

autumn01 · February 24, 2020, 4:39am

firewall - tools - User Agent Blocking

Love the idea of this feature, but in practise it is a bit annoying to maintain.For example, something like this is easy to block/challenge: “AWS Security Scanner”, but something like this is a pain:

python-requests/2.18.4
python-requests/2.18.1
python-requests/2.23.0
python-requests … infinity

Would be great to just say “contains” “python-requests” or a regex like: “python-requests.*”

Also, it would be great to be able to apply the rule across all domains or perhaps have a tickable list that lets you choose which domains this is applied to. If you have lots of domains and want to stop a particular bot, that is a lot of copy/pasting.

dmz · February 24, 2020, 5:06am

Hi @autumn01,

You can create a Firewall Rule to achieve this goal:

Expression:

(http.user_agent contains "python-requests")

I moved my comment on this to your other topic.

user2866 · March 2, 2020, 1:40pm

I had the exact same question about python requests, thanks for the answer. Another question comes to my mind though - Why have a separate User Agent blocking if the firewall rules handle it with more flexibility? It is nice having the extra set of rules available in my quota but I don’t think that was its intention.