Question Can modsecurity be used to exclude bot agents ?

[sanbis]

Server operating system version

Windows Server 2019

Plesk version and microupdate number

Plesk Obsidian Web Host Edition

The currently used rule is Atomic Advanced
I don't know if it is possible to use a custom rule to exclude bot agents ?

SecRule REQUEST_HEADERS:User-Agent "@rx (?:AhrefsBot)" "msg:'AhrefsBot Spiderbot blocked',phase:1,log,id:7777771,t:none,block,status:403"

if ($http_user_agent ~ (MJ12bot|LieBaoFast|UCBrowser|MQQBrowser|Mb2345Browser|gumgum-bot|postmanruntime|ag_dm_spider|scrapy|chimebot|trendkite-akashic-crawler|ZoominfoBot|Sogou|ALittle|Keybot|Buck|curl|webprosbot|RestSharp|Snap|SemrushBot|AhrefsBot|DataForSeoBot)) {
return 403;
}

 

[A_SH]

Hello Sanbis,

I believe that you may have an apache web server. and let me guide you through some steps to exclude bot agents using ModSecurityAnd I assume that you have already installed it. If you haven’t, then follow me.

In the Apache configuration setup, we already have an included directory for ModSecurity rules

Configure ModSecurity to Block bot Agents.



Please go through the attached files.