We have two different options to block abnormal user access in Apache; 1) set a global policy in the Apache httpd.conf 2) set a local policy based in ReWrite Rule in .htaccess
How to set a global policy in the Apache /etc/httpd/conf/httpd.conf ?
To set a global policy that blocks access to user agents that don't contain "Mozilla," you can use the following configuration in your httpd.conf
file:
<IfModule mod_rewrite.c> RewriteEngine On RewriteCond %{HTTP_USER_AGENT} !Mozilla [NC] RewriteRule ^ - [F] </IfModule>
sudo systemctl restart httpd # on CentOS/RHEL sudo systemctl restart apache2 # on Debian/Ubuntu
You should add below scripts on top of .htaccess in your web application
RewriteEngine On RewriteCond %{HTTP_USER_AGENT} !Mozilla [NC] RewriteRule ^ - [F]