I recently changed servers from Apache to Nginx… How do I write this .htaccess information, a simple redirect against web scanners, in the nginx.conf file:
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteCond %{HTTP_USER_AGENT} ^w3af.sourceforge.net [NC,OR]
RewriteCond %{HTTP_USER_AGENT} dirbuster [NC,OR]
RewriteCond %{HTTP_USER_AGENT} nikto [NC,OR]
RewriteCond %{HTTP_USER_AGENT} wpscan [NC,OR]
RewriteCond %{HTTP_USER_AGENT} SF [OR]
RewriteCond %{HTTP_USER_AGENT} sqlmap [NC,OR]
RewriteCond %{HTTP_USER_AGENT} fimap [NC,OR]
RewriteCond %{HTTP_USER_AGENT} nessus [NC,OR]
RewriteCond %{HTTP_USER_AGENT} whatweb [NC,OR]
RewriteCond %{HTTP_USER_AGENT} Openvas [NC,OR]
RewriteCond %{HTTP_USER_AGENT} jbrofuzz [NC,OR]
RewriteCond %{HTTP_USER_AGENT} libwhisker [NC,OR]
RewriteCond %{HTTP_USER_AGENT} webshag [NC,OR]
RewriteCond %{HTTP:Acunetix-Product} ^WVS
RewriteRule ^.* http://127.0.0.1/ [R=301,L]
</IfModule>
Thank you!
Thanks, works! You’ve solved many problems ;-) Thanks from Italy
Hi!
The htaccess rules that you’ve posted block traffic whose user-agent matches a specific list. The user agent in nginx is stored in the $http_user_agent variable, so you will want to compare that against a Regular Expression pattern and block the requests if it does match.

One more thing to note is that the htaccess rules use the [NC] flag, which makes Apache match the patterns in a case-insensitive manner. The nginx equivalent is appending an * to the ~, as you can see below.

return 444 simply drops the connection. You might want to do that instead of sending back a redirect to 127.0.0.1. Though, you can replace it with 403 in order to send a 403 Forbidden error.

Finally, to check if the Acunetix-Product header exists, add the following if block:
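An added example, not part of the original answer: one way to express the posted .htaccess rules in nginx using the if, ~* and return 444 approach described above. The listen and server_name values are placeholders; both headers are set by the client, so this only filters scanners that run with their default identification.

```nginx
# Added example (not from the original answer). Place the if blocks inside
# the server { } block that serves the site. listen/server_name are placeholders.
server {
    listen 80;
    server_name example.com;

    # ~* is a case-insensitive regex match, the equivalent of Apache's [NC].
    # One alternation replaces the chain of RewriteCond ... [OR] lines.
    # The dots in the w3af pattern are escaped so they match literally.
    if ($http_user_agent ~* (^w3af\.sourceforge\.net|dirbuster|nikto|wpscan|sqlmap|fimap|nessus|whatweb|openvas|jbrofuzz|libwhisker|webshag)) {
        return 444;   # nginx-specific: close the connection without a response
    }

    # The "SF" condition in the .htaccess had no [NC] flag, so it stays
    # case-sensitive here: plain ~ instead of ~*.
    if ($http_user_agent ~ SF) {
        return 444;
    }

    # Request headers are exposed as $http_<name>, lowercased and with
    # dashes turned into underscores: Acunetix-Product -> $http_acunetix_product.
    if ($http_acunetix_product ~ ^WVS) {
        return 444;   # use "return 403;" to send a 403 Forbidden instead
    }

    location / {
        root /usr/share/nginx/html;   # placeholder document root
    }
}
```

After editing, nginx -t validates the configuration before a reload.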