script kiddie blocker

This post is a continuation of the thread here:

Based on the details I have gathered so far, here is an .htaccess snippet which you can use.

#Script kiddie blocker start
#License: GPLv2 or later
#License URI:
<IfModule mod_rewrite.c>
RewriteEngine On
# Requests that send an empty User-Agent header
RewriteCond %{HTTP_USER_AGENT} ^$ [NC,OR]
# User-Agent substrings of common scanners and fuzzers
RewriteCond %{HTTP_USER_AGENT} dirbuster [NC,OR]
RewriteCond %{HTTP_USER_AGENT} nikto [NC,OR]
# No NC flag here: this match is case-sensitive
RewriteCond %{HTTP_USER_AGENT} SF [OR]
RewriteCond %{HTTP_USER_AGENT} sqlmap [NC,OR]
RewriteCond %{HTTP_USER_AGENT} fimap [NC,OR]
RewriteCond %{HTTP_USER_AGENT} nessus [NC,OR]
RewriteCond %{HTTP_USER_AGENT} whatweb [NC,OR]
RewriteCond %{HTTP_USER_AGENT} Openvas [NC,OR]
RewriteCond %{HTTP_USER_AGENT} jbrofuzz [NC,OR]
RewriteCond %{HTTP_USER_AGENT} libwhisker [NC,OR]
RewriteCond %{HTTP_USER_AGENT} webshag [NC,OR]
# Request header that starts with WVS
RewriteCond %{HTTP:Acunetix-Product} ^WVS
# Redirect target assumed to be the client's own loopback address, as the post describes
RewriteRule ^.* http://127.0.0.1/ [R=301,L]
</IfModule>

#Script kiddie blocker End

This is a basic setup where we redirect these skiddies to their own systems, so that would be fun to look at 😛

I will keep adding more and more entries as time progresses.
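
A dry run of the rule set over an existing access log shows which requests it would redirect before it goes live, including false positives from the case-sensitive `SF` substring. This is an added example, not part of the original post; the names `matching_rule` and `dry_run`, the sample log lines, the combined log format and the reading of the first pattern as the empty User-Agent match `^$` are assumptions.

```python
import re

# Patterns copied from the .htaccess block; True means the rule carries the NC flag.
# The first pattern is assumed to be the empty User-Agent match.
UA_RULES = [
    (r"^$", True), ("dirbuster", True), ("nikto", True), ("SF", False),
    ("sqlmap", True), ("fimap", True), ("nessus", True), ("whatweb", True),
    ("Openvas", True), ("jbrofuzz", True), ("libwhisker", True), ("webshag", True),
]
ACUNETIX_RULE = r"^WVS"  # tested against the Acunetix-Product request header

# Apache "combined" log format (assumed); the User-Agent is the last quoted field.
COMBINED = re.compile(
    r'^(\S+) \S+ \S+ \[[^\]]+\] "([^"]*)" \d{3} \S+ "[^"]*" "([^"]*)"$'
)

def matching_rule(user_agent, acunetix_product=""):
    """Return the first pattern that would fire, or None.

    RewriteCond patterns are unanchored regex searches, so re.search is used.
    """
    for pattern, nocase in UA_RULES:
        if re.search(pattern, user_agent, re.IGNORECASE if nocase else 0):
            return pattern
    if re.search(ACUNETIX_RULE, acunetix_product):
        return ACUNETIX_RULE
    return None

def dry_run(log_lines):
    """List (client, request, rule) for every logged request the rules would redirect."""
    hits = []
    for line in log_lines:
        m = COMBINED.match(line.strip())
        if not m:
            continue  # not a combined-format line
        client, request, ua = m.groups()
        ua = "" if ua == "-" else ua  # Apache logs an absent header as "-"
        rule = matching_rule(ua)  # Acunetix-Product is not in the combined log
        if rule:
            hits.append((client, request, rule))
    return hits

# Constructed sample lines: documentation IP ranges and made-up agents.
SAMPLE_LOG = [
    '192.0.2.10 - - [01/Jan/2024:10:00:00 +0000] "GET /admin/ HTTP/1.1" 404 196 "-" "Mozilla/5.00 (Nikto/2.1.6)"',
    '198.51.100.7 - - [01/Jan/2024:10:00:01 +0000] "GET / HTTP/1.1" 200 512 "-" "-"',
    '203.0.113.5 - - [01/Jan/2024:10:00:02 +0000] "GET /feed HTTP/1.1" 200 900 "-" "ExampleSFReader/1.0"',
    '203.0.113.9 - - [01/Jan/2024:10:00:03 +0000] "GET / HTTP/1.1" 200 512 "-" "Mozilla/5.0 (X11; Linux x86_64) Firefox/115.0"',
]
```

Calling `dry_run(SAMPLE_LOG)` flags the third line only because its agent name happens to contain `SF`, which is the kind of hit to review before enabling the redirect.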



4 thoughts on “script kiddie blocker”

  1. anantshri

    @rishabh, it's actually analogous to access lists or mod security plugin. However, considering a person is living on a shared hosting environment, there are already lots of things to take care of and they should not be worried by this. And most of the time these attacks are a waste of resources.

