> > What is returning the 500 response here? Is php/python/perl involved? No, I think this mod_security is generating this > As for the scrapers, you are absolutely wasting your time customizing the > response. I would just return a 403, actually. I think you might be right. I did not expect to waste so much time on trying to just send an 'empty' body. > > > > See the ErrorDocument directive. > > It does not seem to work. It looks like this config is skipped and > the error is loaded directly from the httpd binary. > > ErrorDocument 500 /406.html > > > Now, why is that response not suitable? And why would you respond > with a > > 200 for a blocked user agent? > > I think it is better to return to scrapers 200 and empty content, > instead of notifying them so they can reconfigure their systems. > > > > > > > Where/how can I change this message? > > > > <p>The server encountered an internal error or > > misconfiguration and was unable to complete > > your request.</p> > > <p>Please contact the server administrator at > > xxx to inform them of the time this error occurred, > > and the actions you performed just before this error.</p> > > <p>More information about this error may be available > > in the server error log.</p> > > </body></html> > > > > or as a work-a-round, how can refuse access with modsecurity > and just > > generate a 200 blank page response. > > > > SecRule REQUEST_HEADERS:User-Agent "blockthisua" > > "id:'13006',phase:2,log,deny,status:200" > > > > --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|