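The site logs showed a large number of requests with an empty User-Agent. After analyzing them I judged them to be malicious, so I wrote the following URL Rewrite rule for IIS: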
<rewrite>
  <rules>
    <rule name="NoUserAgent" stopProcessing="true">
      <match url=".*" />
      <conditions>
        <add input="{HTTP_USER_AGENT}" pattern="^$" />
      </conditions>
      <action type="CustomResponse" statusCode="403" statusReason="Forbidden: Access is denied." statusDescription="You did not present a User-Agent header which is required for this site" />
    </rule>
  </rules>
</rewrite>
I simulated a request with an empty UA in Google Chrome, and the test confirmed that the block works.
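
To measure the empty User-Agent traffic in the logs before the rule and to confirm the 403 responses after it, the following added example (not from the original post) tallies such requests in IIS W3C extended logs. The sample lines are constructed, and the script assumes the `c-ip`, `cs(User-Agent)` and `sc-status` fields are enabled in IIS logging.

```python
from collections import Counter

# Constructed sample in IIS W3C extended format (not real traffic).
# IIS writes "-" for an empty field and "+" for spaces inside a value.
SAMPLE_LOG = """\
#Software: Microsoft Internet Information Services 10.0
#Fields: date time c-ip cs-method cs-uri-stem cs(User-Agent) sc-status
2024-01-01 10:00:01 203.0.113.7 GET /index.html - 200
2024-01-01 10:00:02 203.0.113.7 GET /login.aspx - 200
2024-01-01 10:00:03 198.51.100.4 GET /index.html Mozilla/5.0+(Windows+NT+10.0) 200
#Fields: date time c-ip cs-method cs-uri-stem sc-status cs(User-Agent)
2024-01-02 09:00:01 203.0.113.7 GET /index.html 403 -
2024-01-02 09:00:02 192.0.2.9 POST /api/upload 403 -
2024-01-02 09:00:03 198.51.100.4 GET /index.html 200 Mozilla/5.0+(Windows+NT+10.0)
"""


def empty_ua_report(lines):
    """Return ({client_ip: empty-UA hits}, {status: empty-UA hits})."""
    fields = []
    by_ip, by_status = Counter(), Counter()
    for line in lines:
        line = line.strip()
        if line.startswith("#Fields:"):
            # Column order can change mid-file, so re-read it each time.
            fields = line.split()[1:]
            continue
        if not line or line.startswith("#") or not fields:
            continue
        values = line.split(" ")
        if len(values) != len(fields):
            continue  # truncated or malformed entry
        row = dict(zip(fields, values))
        if row.get("cs(User-Agent)") == "-":
            by_ip[row.get("c-ip", "?")] += 1
            by_status[row.get("sc-status", "?")] += 1
    return by_ip, by_status


if __name__ == "__main__":
    by_ip, by_status = empty_ua_report(SAMPLE_LOG.splitlines())
    for ip, hits in by_ip.most_common():
        print(f"{ip}\t{hits} requests without User-Agent")
    # After the rule is deployed, new empty-UA hits should all be 403.
    print("status codes for empty-UA requests:", dict(by_status))
```

Any empty User-Agent request that still shows a status other than 403 after deployment points to a site or path the rule does not cover.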