One option to block specific user agents is to use this tutorial.
BrowserMatchNoCase python bad_bot
BrowserMatchNoCase catexplorador bad_bot
Order Deny,Allow
Deny from env=bad_bot
The BrowserMatchNoCase
allows case insensitive matches against the user agent.
A second option is to use the SetEnvIfNoCase command
SetEnvIfNoCase Referer "^$" bad_user
SetEnvIfNoCase User-Agent "python" bad_user
SetEnvIfNoCase User-Agent "catexplorador" bad_user
SetEnvIfNoCase User-Agent "^$" bad_user
Order Deny,Allow
Deny from env=bad_bot
This example blocks empty referrers (WARNING! NOT RECOMMENDED) and user agents that contain either python
or catexplorador
. You don't want to block empty referrers because they can be removed automatically by browsers. It also blocks empty user agents using the last line. Browsers can also do this automatically, depending on how they are configured.
Side note: User agents can be spoofed and changed at will and this is not guaranteed to block anything if the user changes their user agent.
The BrowserMatch is a special cases of the SetEnvIf directive that sets environment variables conditional on the User-Agent HTTP request header.
The BrowserMatch
can only check the user agent, while the SetEnvIf
can check other parameters.