How To Stop AVG Scanner Hitting Apache Web Server

by on July 4, 2008 · 5 comments· LAST UPDATED July 4, 2008

in , ,

If you noticed a lot of extra "MSIE 6.0" agents in Apache web server log, try following .htaccess code (hat tip to pixelbeat)

Rewritecond %{HTTP_USER_AGENT} ".*MSIE 6.0; Windows NT 5.1; SV1.$" [OR]
Rewritecond %{HTTP_USER_AGENT} ".*MSIE 6.0; Windows NT 5.1;1813.$"
RewriteCond %{HTTP_REFERER} ^$
RewriteCond %{HTTP:Accept-Encoding} ^$
RewriteRule ^.* http://www.avg.com/?LinkScannerSucks [R=307,L]
TwitterFacebookGoogle+PDF versionFound an error/typo on this page? Help us!

{ 5 comments… read them below or add one }

1 soraver July 4, 2008 at 11:07 am

is it possible to have this code for lighttpd?

Reply

2 bob July 4, 2008 at 2:15 pm

Personally, if you are concerned about performance at all, I’d recommend NOT using .htaccess files for this but just put those rules within a Directory block inside the httpd.conf file. .htaccess files must be read through for every single request (allows for more dynamic nature) whereas the Directory blocks are read and cached once.

Reply

3 MADrod July 4, 2008 at 5:22 pm

Very good, Thanx
See ya

Reply

4 Pat Bitton July 5, 2008 at 6:26 am

Following is AVG’s official response to LinkScanner concerns:

We’d like to thank our web community for bringing these challenges to our attention, as building community trust and protecting all of our users is critical to us. We have modified the Search-Shield component of LinkScanner to only notify users of malicious sites; this modified version will be rolled out on July 9th 2008. As of this date. Search-Shield will no longer scan each search result online for new exploits, which was causing the spikes that webmasters addressed with us. However, it is important to note that AVG still offers full protection against potential exploits through the Active Surf-Shield component of our product, which checks every page for malicious content as it is visited but before it is opened.

Reply

5 nixCraft July 5, 2008 at 7:43 pm

@Bob, good suggestion.

@Pat, thanks for update.

Reply

Leave a Comment

Tagged as: , , , , , ,

Previous post:

Next post: