Block by useragent or empty referer

A stranger bot (GbPlugin) is codifying the urls of the images and causing error 404.

I tried to block the bot without success with this in the bottom of my .htaccess, but it didn't work.

Options +FollowSymlinks  
RewriteEngine On  
RewriteBase /  
RewriteEngine on  
RewriteCond %{HTTP_REFERER} !^$  
RewriteCond %{HTTP_USER_AGENT} ^$ [OR]  
RewriteCond %{HTTP_USER_AGENT} ^GbPlugin [NC]  
RewriteRule .* - [F,L]     

The log this below.

201.26.16.9 - - [10/Sep/2011:00:06:05 -0300] "GET /wp%2Dcontent/themes/my_theme%2Dpremium/scripts/timthumb.php%3Fsrc%3Dhttp%3A%2F%2Fwww.example.com%2开发者_JS百科Fwp%2Dcontent%2Fuploads%2F2011%2F08%2Fmy_image_name.jpg%26w%3D100%26h%3D65%26zc%3D1%26q%3D100 HTTP/1.1" 404 1047 "-" "GbPlugin"

Sorry for my language mistakes

---

Here's what you can put in your .htacces file

Options +FollowSymlinks  
RewriteEngine On  
RewriteBase /  
SetEnvIfNoCase Referer "^$" bad_user
SetEnvIfNoCase User-Agent "^GbPlugin" bad_user
SetEnvIfNoCase User-Agent "^Wget" bad_user
SetEnvIfNoCase User-Agent "^EmailSiphon" bad_user
SetEnvIfNoCase User-Agent "^EmailWolf" bad_user
SetEnvIfNoCase User-Agent "^libwww-perl" bad_user
Deny from env=bad_user

This will return:

HTTP request sent, awaiting response... 403 Forbidden
2011-09-10 11:15:48 ERROR 403: Forbidden.

---

May I recommend this method:

Put this is .htaccess in root of your site.

ErrorDocument 503 "Your connection was refused"
RewriteEngine On
RewriteCond %{HTTP_USER_AGENT} ^(Mozilla.*537.36|Mozilla.*UCBrowser\/9.3.1.344)$ [NC]
RewriteRule .* - [R=503,L]

Where

^(Mozilla.*537.36|Mozilla.*UCBrowser\/9.3.1.344)$

are the two useragents I wanted to block in this example case.

You can use regex so a useragent like

Mozilla/5.0 (Windows NT 6.1; WOW64; rv:40.0) Gecko/20100101 Firefox/40.0

could be

Mozilla.*Firefox\/40.0

^means match from beginning and $ to the end so you could block just one useragent with:

ErrorDocument 503 "Your connection was refused"
RewriteEngine On
RewriteCond %{HTTP_USER_AGENT} ^Mozilla.*Firefox\/40.0$ [NC]
RewriteRule .* - [R=503,L]

Or add several using the | character to separate them inside ( and ) like in the first example.

RewriteCond %{HTTP_USER_AGENT} ^(Mozilla.*537.36|Mozilla.*UCBrowser\/9.3.1.344)$ [NC]

You can test it by putting your useragent in the code and then try to access the site. http://whatsmyuseragent.com/

---

To block empty referers, you can use the following Rule :

RewriteEngine on

RewriteCond %{HTTP_REFERER} ^$
RewriteRule ^ - [F,L]

This will forbid all requests to your site if HTTP_REFERER value is empty ^$ .

To block user agents, you can use

RewriteEngine on

RewriteCond %{HTTP_USER_AGENT} opera|firebox|foo|bar [NC]
RewriteRule ^ - [F,L]

This will forbid all requests to your site if HTTP_USER_AGENT matches the Condition pattern.