How to block evil majestic bot

Discussion in 'General' started by jrmarino, Dec 23, 2007.

  1. jrmarino

    jrmarino Well-Known Member

    I was looking in my logs, here is a sample:

    The logs are filled with this majestic bot, but the robots.txt instructs to disallow all robots to the entire document root. According to this page:

    There is an evil botnot spoofing an older version of a legitimate bot. They suggest filtering out the request based on this text "MJ12bot/v1.0.8"

    Exactly how do I do that? I am guessing it is the "Filter Request" tab on the server panel?

    Can you outline the settings necessary to block this nuisance?
    Last edited: Dec 23, 2007
  2. jrmarino

    jrmarino Well-Known Member

  3. mistwang

    mistwang LiteSpeed Staff

    Use rewrite rule or request fileter

    Rewrite Rule

    RewriteCond %{HTTP_USER_AGENT} ^MJ12bot/v1.0.8 [NC,OR]
    RewriteRule .*  - [F]
    filter rule
    SecFilterSelective HEADER_USER_AGENT ^MJ12bot/v1.0.8
  4. jrmarino

    jrmarino Well-Known Member

    Thanks a lot!
  5. killed

    killed Member

    My apology to this thread (long time): I implementing this to block Firefox/3
    But not effect - - [16/Feb/2012:15:01:41 +0700] "POST /forum/login.php?do=login HTTP/1.1" 200 4464 "" "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv: Gecko/20100722 AskTbFXTV5/ Firefox/3.6.8"

    _Rule: SecFilterSelective HEADER_USER_AGENT "Firefox/3"
  6. killed

    killed Member

    Up this thread :(
  7. webizen

    webizen Well-Known Member

    Does this rule in .htaccess work for you?
  8. killed

    killed Member

    Yes, in .htaccess work fine. But I need "hard" prevent for all host (with 100 host, use .htaccess impossible)

    Thank webizen replied.
  9. webizen

    webizen Well-Known Member

    you can also try mod_security rule as follows:
  10. killed

    killed Member

    I tried both:
    SecFilterSelective HTTP_USER_AGENT "MSIE\ 6"
    SecFilterSelective HEADER_USER_AGENT "MSIE\ 6"

    But nothing to effect - - [02/Mar/2012:12:52:58 +0700] "GET /auto.html HTTP/1.1" 200 935 "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)" - - [02/Mar/2012:12:52:58 +0700] "GET /hinh/ads.jpg HTTP/1.1" 200 15668 "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)"
  11. masood_y

    masood_y Well-Known Member

    How can block "majestic bot" on litespeed server?
  12. NiteWave

    NiteWave Administrator

    in .htaccess,

    RewriteCond %{HTTP_USER_AGENT} majestic[NC,OR]
    RewriteRule .* - [F]

    can block it.

Share This Page