How To Stop AVG Scanner Hitting Apache Web Server

If you noticed a lot of extra “MSIE 6.0” agents in Apache web server log, try following .htaccess code (hat tip to pixelbeat)

Advertisement

Rewritecond %{HTTP_USER_AGENT} ".*MSIE 6.0; Windows NT 5.1; SV1.$" [OR]
Rewritecond %{HTTP_USER_AGENT} ".*MSIE 6.0; Windows NT 5.1;1813.$"
RewriteCond %{HTTP_REFERER} ^$
RewriteCond %{HTTP:Accept-Encoding} ^$
RewriteRule ^.* http://www.avg.com/?LinkScannerSucks [R=307,L]

๐Ÿฅบ Was this helpful? Please add a comment to show your appreciation or feedback.

nixCrat Tux Pixel Penguin
Hi! ๐Ÿค 
I'm Vivek Gite, and I write about Linux, macOS, Unix, IT, programming, infosec, and open source. Subscribe to my RSS feed or email newsletter for updates.

5 comments… add one
  • soraver Jul 4, 2008 @ 11:07

    is it possible to have this code for lighttpd?

  • bob Jul 4, 2008 @ 14:15

    Personally, if you are concerned about performance at all, I’d recommend NOT using .htaccess files for this but just put those rules within a Directory block inside the httpd.conf file. .htaccess files must be read through for every single request (allows for more dynamic nature) whereas the Directory blocks are read and cached once.

  • MADrod Jul 4, 2008 @ 17:22

    Very good, Thanx
    See ya

  • Pat Bitton Jul 5, 2008 @ 6:26

    Following is AVG’s official response to LinkScanner concerns:

    Weรขโ‚ฌโ„ขd like to thank our web community for bringing these challenges to our attention, as building community trust and protecting all of our users is critical to us. We have modified the Search-Shield component of LinkScanner to only notify users of malicious sites; this modified version will be rolled out on July 9th 2008. As of this date. Search-Shield will no longer scan each search result online for new exploits, which was causing the spikes that webmasters addressed with us. However, it is important to note that AVG still offers full protection against potential exploits through the Active Surf-Shield component of our product, which checks every page for malicious content as it is visited but before it is opened.

  • ๐Ÿ›ก๏ธ Vivek Gite (Author and Admin) nixCraft Jul 5, 2008 @ 19:43

    @Bob, good suggestion.

    @Pat, thanks for update.

Leave a Reply

Your email address will not be published. Required fields are marked *

Use HTML <pre>...</pre> for code samples. Your comment will appear only after approval by the site admin.