Apache Block By User Agent

By | 2011/06/28

Though this is trivial to circumvent, an easy way to block by User Agent with Apache is to use mod_rewrite.

This is rather more useful to deny spam bots, scammers, and other automated tools from poking at your website!

The following rewrite rule gives a 403 Forbidden for example:

RewriteEngine On
RewriteCond %{HTTP_USER_AGENT} HTTrack
RewriteRule ^.* - [F]

Place this in either your virutalhosts config file, or an .htaccess file.

PS: There is a well known but somewhat dated ‘ultimate’ htaccess blacklist available here which has a compiled list of bots to deny: