You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 2 Next »

We have two different options to block abnormal user access in Apache; 1) set a global policy in the Apache httpd.conf 2) set a local policy based in ReWrite Rule in .htaccess

How to set a global policy in the Apache /etc/httpd/conf/httpd.conf ?

To set a global policy that blocks access to user agents that don't contain "Mozilla," you can use the following configuration in your httpd.conf file:

<IfModule mod_rewrite.c>
    RewriteEngine On
    RewriteCond %{HTTP_USER_AGENT} !Mozilla [NC]
    RewriteRule ^ - [F]
</IfModule>


sudo systemctl restart httpd # on CentOS/RHEL
sudo systemctl restart apache2 # on Debian/Ubuntu


Hot to set a local policy for your web application?


You should add below scripts on top of .htaccess in your web application

RewriteEngine On
RewriteCond %{HTTP_USER_AGENT} !Mozilla [NC]
RewriteRule ^ - [F]


  • No labels