On Sun, Mar 30, 2008 at 3:32 PM, Grant Peel <gpeel@xxxxxxxxxxxxx> wrote: > Thanks Joshua, > > So, If I am reading that docs correctly, the bit I have to deny certain USer > Agents should go near the top of my httpd.conf? > > SetEnvIfNoCase User-Agent "^IDBot" block_bad_bots > SetEnvIfNoCase User-Agent "^$" block_bad_bots > SetEnvIfNoCase User-Agent "Java/1.4.1_04" block_bad_bots > > <Directory "/"> > Order Allow,Deny > Allow from all > Deny from env=block_bad_bots > </Directory> It doesn't matter where in httpd.conf that it goes. But this will only work if you have NO OTHER Order/Allow/Deny statements in httpd.conf. Since <Directory /> is essentially the first thing evaluated (regardless of its location) it will get overridden by any other access control directives. This isn't a problem unless you have some generic <Directory /var/web> Order Allow,Deny Allow from all </Directory> sections which will turn off your anti-robot rules. Joshua. --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|