Deny dex Bot Search POST contact.php HTTP 1.1 in htaccess

Today it is „dex Bot Search“ and „Mozilla/4.76 [ru] (X11; U; SunOS 5.7 sun4u)“ bringing my server almost to crash.

Update July 14, 2010 please read to the end of the post..

Yesterday it was „Casper Bot Search“, I blocked it succussfully with an entry on top of the .htaccess:

BrowserMatchNoCase Casper bad_bot
Order Deny,Allow
Deny from env=bad_bot

It looks like „dex Bot Search“ tries to POST to contact.php, a file or link not available on my domain, so getting lot’s of 404 errors.

In access.log I find now:

193.39.66.14 - - [01/Jul/2010:12:36:34 +0200]
"POST /34//contact.php HTTP/1.1" 403 1022 "-" "dex Bot Search"
193.39.66.14 - - [01/Jul/2010:12:36:34 +0200]
"POST //contact.php HTTP/1.1" 403 1022 "-" "dex Bot Search"
193.39.66.14 - - [01/Jul/2010:12:36:35 +0200]
"POST /34/cms-auf-1blu-unlimited//contact.php HTTP/1.1" 403 1022 "-" "dex Bot Search"
193.39.66.14 - - [01/Jul/2010:12:36:35 +0200]
"POST //contact.php HTTP/1.1" 403 1022 "-" "dex Bot Search"
193.39.66.14 - - [01/Jul/2010:12:36:35 +0200]
"POST //contact.php HTTP/1.1" 403 1022 "-" "dex Bot Search"
193.39.66.14 - - [01/Jul/2010:12:36:35 +0200]
"POST /34//contact.php HTTP/1.1" 403 1022 "-" "dex Bot Search"
81.176.226.100 - - [01/Jul/2010:12:46:46 +0200]
"POST /?s=blog%20%20//contact.php HTTP/1.1" 403 1036 "-" "dex Bot Search"
81.176.226.100 - - [01/Jul/2010:12:46:46 +0200]
"POST /?s=blog%20%20//contact.php HTTP/1.1" 403 1036 "-" "dex Bot Search"
81.176.226.100 - - [01/Jul/2010:12:46:46 +0200]
"POST /?s=blog%20%20//contact.php HTTP/1.1" 403 1036 "-" "dex Bot Search"
81.176.226.100 - - [01/Jul/2010:12:46:46 +0200]
"POST /?s=blog%20%20//contact.php HTTP/1.1" 403 1036 "-" "dex Bot Search"

Having the above script in .htaccess already, it was easy to block and deny this bot too, I just extended the entry like this:

BrowserMatchNoCase Casper bad_bot
BrowserMatchNoCase dex bad_bot
Order Deny,Allow
Deny from env=bad_bot

This will also block YandexBot, getting a 403 error, I do not care.

Do not ask me what is the purpose of these POST attacks, for me they just slowed down my vserver..

UPDATE:
getting POST now from „Mozilla/4.76 [ru] (X11; U; SunOS 5.7 sun4u)“

added to .htaccess like this:

BrowserMatchNoCase Casper bad_bot
BrowserMatchNoCase dex bad_bot
BrowserMatchNoCase sun4u bad_bot
Order Deny,Allow
Deny from env=bad_bot

UPDATE 02.07.2010
extended bot signatures by ’sledink‘ and ‚kangen‘ due to POST to not existing file contact.php

access.log looks like this:

92.48.70.83 - - [02/Jul/2010:19:27:06 +0200]
"POST /contac.php HTTP/1.1" 404 22568 "-" "rk q kangen"
66.210.175.75 - - [02/Jul/2010:19:27:17 +0200]
"POST /contact.php HTTP/1.1" 403 1022 "-" "Mozilla/4.76 [ru] (X11; U; SunOS 5.7 sun4u)"
208.115.217.194 - - [02/Jul/2010:19:27:17 +0200]
"POST /?s=forum/contact.php HTTP/1.1" 403 1036 "-" "Casper Bot Search"
205.237.100.89 - - [02/Jul/2010:23:05:34 +0200]
"POST /?s=blog%20%20//index.php HTTP/1.1" 403 1036 "-" "sledink Bot Search"
205.237.100.89 - - [02/Jul/2010:23:05:34 +0200]
"POST /?s=blog%20%20//index.php HTTP/1.1" 403 1036 "-" "sledink Bot Search"
205.237.100.89 - - [02/Jul/2010:23:05:35 +0200]
"POST /?s=blog%20%20//index.php HTTP/1.1" 403 1036 "-" "sledink Bot Search"

Update July 14, 2010
the bots try to POST now to different files, as there are:
contact.php, config.php, view.php and ‚powered‘

So by now I block and deny them in .htaccess in the following way:

RewriteEngine On

RewriteCond %{REQUEST_URI} contact\.php [NC,OR]

RewriteCond %{REQUEST_URI} config\.php [NC,OR]

RewriteCond %{REQUEST_URI} view\.php [NC,OR]

RewriteCond %{REQUEST_URI} powered [NC,OR]

RewriteCond %{QUERY_STRING} ^.*(contact\.php).*$ [NC,OR]

RewriteCond %{QUERY_STRING} ^.*(config\.php).*$ [NC,OR]

RewriteCond %{QUERY_STRING} ^.*(view\.php).*$ [NC,OR]

RewriteCond %{QUERY_STRING} ^.*(powered).*$ [NC]

RewriteRule . nouse.php [L]

all POST to the files above are redirected to a file in root folder of the attacked site.
This file nouse.php contains just the error header in php:

header("HTTP/1.1 403 Forbidden");

block search bot Home » Code Snippets » HTML » Meta Tag to Prevent Search Engine Bots By Chris Coyier Last Updated On August 1, 2012 Meta Tag to Prevent Search Engine Bots If the page is blocked by a robots.txt file, the crawler will never see the noindex directive, and the page can still appear in search results, for example if other pages link to it. Using MSN /Bing – Retired October 2010 and rebranded as Bing, this is a web-crawling ro (type of Internet ), deployed by Microsoft to supply Bing ( engine). It collects documents from the web to build How to block search bots In order to all s from accessing your site, you should create a ros.txt file with the following content: User-agent: * Disallow: / To all Tags: block, search, bots, I'm trying to all s/crawlers/spiders for a special directory. How can I do that with htaccess? I ed a bit and found a solution by ing based on the user agent: RewriteCon