One of regular reader asks a question:
My website powered by Lighttpd web server. I’d like to block Wget useragent for entire my domain.com site except for /downloads/ url section. How do I configure lighttpd?
You need to use $HTTP filed useragent and url combination. Just open your lighttpd.conf file and append code as follows.
Lighttpd block useragent wget configuration
# vi /etc/lighttpd/lighttpd.conf
Append config directive as follows:
$HTTP["useragent"] =~ "Wget" {
$HTTP["url"] !~ "^/download($|/)" {
url.access-deny = ( "" )
}
}Where,
- $HTTP["useragent"] : Match on useragent i.e. Wget
- $HTTP["url"] : Match on url section such as /download/*. If there are nested blocks, this must be the most inner block.
- =~ : Perl style regular expression match
- !~ : Perl style regular expression not match
Just restart the webserver, enter:
# /etc/init.d/lighttpd restart
Now user can run wget on http://domain.com/download/* urls but not on http://domain.com/file.html or http://domain.com/dir/file
Featured Articles:
- 20 Linux System Monitoring Tools Every SysAdmin Should Know
- 20 Linux Server Hardening Security Tips
- Linux: 20 Iptables Examples For New SysAdmins
- My 10 UNIX Command Line Mistakes
- 25 PHP Security Best Practices For Sys Admins
- The Novice Guide To Buying A Linux Laptop
- Top 5 Email Client For Linux, Mac OS X, and Windows Users
- Top 20 OpenSSH Server Best Security Practices
- Top 10 Open Source Web-Based Project Management Software
Facebook it - Tweet it - Print it -
We're here to help you make the most of sysadmin work. So, subscribe!
{ 3 comments… read them below or add one }
This is pointless imo.
Users will still be able to use wget on your whole domain if they use wget –user-agent ….
Is it possible to match all the blank agent?
# user-agent empty or made of any number of spaces rejected
$HTTP["useragent"] =~ “^ *$” {
url.access-deny = ( “” )
}
there’s a single space between ^ and *