Mike, you block the IP address using iptables or ipfw. User-Agent and other header information is layer 7. You want to stop the connection well below that protocol layer.
-- Jake -----Original Message----- From: Mike Slinn [mailto:[email protected]] Sent: Tuesday, March 1, 2016 12:52 PM To: [email protected] Subject: Re: [Pound Mailing List] Blocking spambots Here is a good explanation why iptables is not practical: http://serverfault.com/questions/690870/iptables-block-user-agent A reverse proxy like Pound, configured with the server's SSL certificate, is the only way to intercept traffic before it reaches the web server. -- To unsubscribe send an email with subject unsubscribe to [email protected]. Please contact [email protected] for questions. -- To unsubscribe send an email with subject unsubscribe to [email protected]. Please contact [email protected] for questions.
