[Firewall] Possible to Block POST Attacks by User Agent String?
michaelkintzios at gmail.com
Fri Sep 13 20:57:57 CEST 2013
On Friday 13 Sep 2013 19:23:41 Gene Cooper wrote:
> Sorry about the double posting.
> I spoke too soon about the firewall commands.
> The text strings are too generic (POST and UA) and too much valid
> traffic was being blocked, so I'm giving up on the firewall commands for
> now, leaving the web server to deal with it (403 forbidden based on UA
> Hopefully the botnet will give up soon.
> This has been more difficult than previous attacks...
I was about to say that you may block some legit users if you use this string:
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 490 bytes
Desc: This is a digitally signed message part.
More information about the Firewall