I'm able to block a specific user agent, but I'd like to block all requests with an empty user agent using URLscan开发者_Python百科 v3.1.
Does anyone know how to do this?
There isn't a way to configure this using URLScan, but it can be done with a custom ISAPI filter on your IIS server. Here it is in C++:
DWORD WINAPI __stdcall HttpFilterProc(HTTP_FILTER_CONTEXT *pfc, DWORD NotificationType, VOID *pvData)
{
char buffer[256];
DWORD buffSize = sizeof(buffer);
HTTP_FILTER_PREPROC_HEADERS *p;
switch (NotificationType) {
case SF_NOTIFY_PREPROC_HEADERS :
p = (HTTP_FILTER_PREPROC_HEADERS *)pvData;
BOOL bHeader = p->GetHeader(pfc,"User-Agent:",buffer,&buffSize);
CString UserAgent(buffer);
if(UserAgent.GetLength() == 0) { // reject blank user agents
p->SetHeader(pfc, "url", "/rejected-blank-user-agent");
}
return SF_STATUS_REQ_HANDLED_NOTIFICATION;
}
return SF_STATUS_REQ_NEXT_NOTIFICATION;
}
I have an example block specific user-agent such as spider. Here is
RuleList=DenyUserAgent (in the options section)
(place in the end)
[DenyUserAgent]
DenyDataSection=Agent Strings
ScanHeaders=User-Agent
[Agent Strings]
YisouSpider
Maybe the word could give an explanation in the ini file.
UrlScan supports custom rules that can be applied in addition to the other checks and options specified in this configuration file. Rules should be listed in a comma separated string in the RuleList property. Each rule in the list corresponds to two sections in this configuration file, one containing the options for the rule, and one containing deny strings for the rule.
精彩评论