Hi - I am trying to block google's web accelerator. I have the following request filter setup: Action: log,deny,status:403,msg:'GWA Prefetch' Rule: SecFilterSelective HTTP_X_MOZ "prefetch" I then test it using curl: curl --header "X-Moz: prefetch" -v -I http://example.com It returns a valid 200 response. If I change the rule to: SecFilterSelective HTTP_USER_AGENT "curl" Then it mostly works. It doesn't return a 403, but does return a 404. This is occurring on standard edition, linux x86, version 3.2.2. I've also tried the "REQUEST_HEADERS:X-Moz" which resulted in an error in the log files saying it was an unknown variable and couldn't be parsed. Can you tell me if this is a known bug, if there's a work around and how we can get it to return a 403 instead of 404?