Here is a good explanation why iptables is not practical: http://serverfault.com/questions/690870/iptables-block-user-agent
A reverse proxy like Pound, configured with the server's SSL certificate, is the only way to intercept traffic before it reaches the web server.
-- To unsubscribe send an email with subject unsubscribe to [email protected]. Please contact [email protected] for questions.
