In order to block MJ12bot, seems I need to specify it for http and https
requests by adding this to both the ListenHTTP and ListenHTTPS service
sections:
HeadDeny User-Agent ".*MJ12bot.*"
Here is my complete config file:
# Global options
User "pound"
Group "pound"
# Logging: (goes to syslog by default)
# 0 no logging
# 1 normal
# 2 extended
# 3 Apache-style (common log format)
# 4 (same as 3 but without the virtual host information)
# 5 (same as 4 but with information about the Service and BackEnd used)
LogLevel 0
# Check backend every X secs:
Alive 30
# Use hardware-accelleration card supported by openssl(1):
#SSLEngine "<hw>"
# poundctl control socket
Control "/var/run/poundctl.socket"
# Redirect all http requests on port 80 to https on port 443
# The Play Framework webapp never sees these redirected requests because
Pound handles them
ListenHTTP
Address 0.0.0.0
Port 80
Err500 "/usr/local/etc/pound_error_500"
Err503 "/usr/local/etc/pound_error_500"
Service
HeadDeny User-Agent ".*MJ12bot.*"
Redirect 302 "https://va1.scalacourses.com";
End
End
# Redirect all requests on port 443 to the Play Framework webapp on port
9443
ListenHTTPS
Address 0.0.0.0
Port 443
Err500 "/usr/local/etc/pound_error_500"
Err503 "/usr/local/etc/pound_error_500"
Cert "/var/work/training/cadenza/conf/ssl/scalacourses.com.pound.pem"
Disable SSLv3
Ciphers
"EECDH+ECDSA+AESGCM:EECDH+ECDSA+SHA384:EECDH+ECDSA+SHA256:ECDH+AESGCM:ECDH+AES256:ECDH+AES128:ECDH+3DES:RSA+AESGCM:RSA+AES:RSA+3DES:!eNULL:!LOW:!aNULL:!MD5:!DSS"
SSLAllowClientRenegotiation 0
SSLHonorCipherOrder 1
HeadRemove "X-Forwarded-Proto"
AddHeader "X-Forwarded-Proto: https"
Service
HeadDeny User-Agent ".*MJ12bot.*"
BackEnd
HTTPS
Address 127.0.0.1
Port 9443
End
End
End
I got "unknown directive" for both HeadDeny entries. I am running Pound
2.7f. I tried moving the directives around, but the HeadDeny directive
does not seem to be recognized. What have I done wrong?
Is there a way to write this so the HeadDeny entries don't have to be
mentioned twice?
What other bots should I include?
--
To unsubscribe send an email with subject unsubscribe to [email protected].
Please contact [email protected] for questions.
