IIS Request Filtering Rule for User Agent

Posted by alexp on Server Fault See other posts from Server Fault or by alexp
Published on 2013-10-24T15:54:43Z Indexed on 2013/10/24 15:56 UTC
Read the original article Hit count: 204

Filed under:

iis7.5

|

bots

|

request-filtering

I'm trying to block requests from a certain bot. I've added a request filtering rule, but I know it is still hitting the site because it shows up in Google Analytics. Here is the filtering rule I added:

<security>
<requestFiltering>
    <filteringRules>
      <filteringRule name="Block GomezAgent" scanUrl="false" scanQueryString="false">
        <scanHeaders>
          <add requestHeader="User-Agent" />
        </scanHeaders>
        <denyStrings>
          <add string="GomezAgent+3.0" />
        </denyStrings>
      </filteringRule>
    </filteringRules>
  </requestFiltering>
</security>

This is an example of the user agent I'm trying to block.

Mozilla/5.0+(Windows+NT+6.1;+WOW64;+rv:13.0;+GomezAgent+3.0)+Gecko/20100101+Firefox/13.0.1

In some ways it seems to work. If I use Chrome to spoof my user agent, I get a 404, as expected. But the bot traffic is still showing up in my analytics. What am I missing?

© Server Fault or respective owner

Related posts about iis7.5

Configuring IIS7 404 page when using IIS7 urlrewrite module

as seen on Pro Webmasters - Search for 'Pro Webmasters'
I've got custom errors to work for .aspx page like: www.domain.com/whateverdfdgdfg.aspx But, when no .aspx url is requested, (like http://www.domain.com/hfdkfdh4545) it results in an error: HTTP Error 404.0 - Not Found The resource you are looking for has been removed, had its name changed… >>> More
How to create a Subdomain in IIS7?

as seen on Server Fault - Search for 'Server Fault'
In IIS7 I have a site: http://www.mydomain.com/mysite How can I get the same site to appear as: http://mysite.mydomain.com ? I already have the DNS set up and can ping it, I just do not know how to configure it in IIS7. >>> More
How can I control which IP address IIS7 uses?

as seen on Server Fault - Search for 'Server Fault'
In Win2k3 I used httpcfg to tell IIS to listen to specific IP addresses on the server. I want to run Apache with VisualSVN Server on port 80 on another IP address but IIS7 binds to all ports by default. What utility for IIS7 controls the IIS7 bindings? Update: I found the answer. There is a utility… >>> More
WCF service hosted in IIS7 with administrator rights?

as seen on Server Fault - Search for 'Server Fault'
Hello, How do I grant administrator rights to a running WCF service hosted in IIS7? The problem is, my code works fine in a test console application runned as an administrator, but the same code used from WCF service in IIS7 fails. When I run the same console test application without admin rights… >>> More
authentication problem on windows vista (cookie is getting written but httpcontext.current.user is n

as seen on Stack Overflow - Search for 'Stack Overflow'
authentication problem on windows vista (iis7) (cookie is getting written but httpcontext.current.user is null) >>> More

Related posts about bots

How to remove bots from my computer?

as seen on Super User - Search for 'Super User'
Because trend micro's rubotted detected that there is a bot running on my system and recommends to run Trend micro's house call to remove the bot. But when I ran house call, it does not detect anything. By the way,my current antivirus software is Microsoft Security Essentials. >>> More
Java, how to make bots? Beginner

as seen on Stack Overflow - Search for 'Stack Overflow'
I am new in the world of programming. I am student of J2ME(Java) beginner. And I am interested to make bot, how to make bots easily. Any guide? Link or keywords which I can google to learn things? >>> More
Twitter traffic might not be what it seems

as seen on Hadermann.be - Search for 'Hadermann.be'
Are you using bit.ly stats to measure interest in the links you post on twitter? I’ve been hearing for a while about people claiming to get the majority of their traffic originating from twitter these days. Now, I’ve been playing with the twitter ruby gem recently, doing various experiments… >>> More
Searchengine bots and meta refresh for disabled Javascript

as seen on Stack Overflow - Search for 'Stack Overflow'
Hi! I have a website that must have javascript turned on so it can work there is a < noscript tag that have a meta to redirect the user to a page that alerts him about the disabled javascript... I am wondering, is this a bad thing for search engine crawlers? Because I send an e-mail to myself… >>> More
Video Game Bots?

as seen on Stack Overflow - Search for 'Stack Overflow'
Something I've always wondered, especially since it inspired me to start programming when I was a kid, was how video game bots work? I'm sure there are a lot of different methods, but what about automation for MMORPGs? Or even FPS-type bots? >>> More