script kiddie blocker

this post is in continutation to the thread here : http://www.garage4hackers.com/f11/script-kiddie-blocker-2581.html

based on the details that i have gathered so far here …

Here is a htaccess code which you can use.

#Script kiddie blocker start
#License: GPLv2 or later
#License URI: http://www.gnu.org/licenses/gpl-2.0.html
RewriteEngine On  
<IfModule mod_rewrite.c>
RewriteCond %{HTTP_USER_AGENT} ^w3af.sourceforge.net [NC,OR]
RewriteCond %{HTTP_USER_AGENT} dirbuster [NC,OR]
RewriteCond %{HTTP_USER_AGENT} nikto [NC,OR]
RewriteCond %{HTTP_USER_AGENT} SF [OR]
RewriteCond %{HTTP_USER_AGENT} sqlmap [NC,OR]
RewriteCond %{HTTP_USER_AGENT} fimap [NC,OR]
RewriteCond %{HTTP_USER_AGENT} nessus [NC,OR]
RewriteCond %{HTTP_USER_AGENT} whatweb [NC,OR]
RewriteCond %{HTTP_USER_AGENT} Openvas [NC,OR]
RewriteCond %{HTTP_USER_AGENT} jbrofuzz [NC,OR]
RewriteCond %{HTTP_USER_AGENT} libwhisker [NC,OR]
RewriteCond %{HTTP_USER_AGENT} webshag [NC,OR]
RewriteCond %{HTTP:Acunetix-Product} ^WVS
RewriteRule ^.* http://127.0.0.1 [R=301,L]
</IfModule>

#Script kiddie blocker End

This is a basic setup where we are redirecting these skiddies to there own system’s so that would be a fun to look at :P

I will keep adding more and more enteries as time progresses

 

4 thoughts on “script kiddie blocker

  1. anantshri

    @rishabh, its actually analogous to access lists or mod security plugin. However considering a person is living on shared hosting environment there are already lots ot things to take care of and should not be worried by this. and most of the time these attacks are waste of resources.

    Reply

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>