Requesting a Deny Agent function

[lottocheatah]

In some instances the legacy latest visitors log entry will identify the agent software being used as hacking sofware. In others the agent field is deliberately undeclared. With WIFI and dynamic I.P. numbers the I.P. Deny Manager has become substantially ineffective at denying this kind of traffic. It would be nice to be able to "Deny Agent" based on the content or lack of content in the Agent field of the Legacy Latest Visitors Report.

[cPanelDavidG]

So, basically you want a user interface to easily manage the ability to deny based on agent, a capability currently available by means of manually editing a .htaccess file?

In the interim, if you are using site software such as WordPress, there are already plugins available to block "bad agents," some of which automatically update their list of "bad agents."

[Infopro]

Can't Modsecurity can handle this?

[lottocheatah]

So, basically you want a user interface to easily manage the ability to deny based on agent, a capability currently available by means of manually editing a .htaccess file?

In the interim, if you are using site software such as WordPress, there are already plugins available to block "bad agents," some of which automatically update their list of "bad agents."

I'm don't use wordpress. I use the features in cPanel. I'm a website user. I don't know anything about editing system files if the function is not available on the cPanel. The I.P. Deny Manager has become quite ineffective at keeping out bad actors, but if I can I.D. a bad agent to an Agent Deny function then that agent can be blocked regardless of the I.P. number they are using.

I.P. Deny has become obsolete. The deny relationship should refer to the agent, not the I.P.

[lottocheatah]

I am a user of the cPanel. I don't find anything on the cPanel entitled "Modsecurity"

[Infopro]

I am a user of the cPanel. I don't find anything on the cPanel entitled "Modsecurity"

You'll need to speak with your host to find out if Modsecurity is enabled on your server. There are rulesets to block known bad agents.

You can also block via .htaccess. Lots on google about this.

Keep in mind, you can fake your User Agent string.

[lottocheatah]

[QUOTE=Infopro;863821]You'll need to speak with your host to find out if Modsecurity is enabled on your server. There are rulesets to block known bad agents.

You can also block via .htaccess. Lots on google about this.

I don't know anything about Modsecurity. I know there currently is no way to deny access to a website from the cPanel except for the Deny I.P. Manager which is pretty much useless unless you want to start blocking entire continents.. and even then it doesn't effectively block. You can still use your magicjack and modem to hit any free dialup anywhere in the world. The only real way to deny an agent is to "Deny Agent".

Yes, you can fake your agent but that in itself can be a flag. I have subscriber apps that update from my website. I know from the agent field in the Legacy log if this is my app or a pirate. If I can I.D. a pirate this way, and I can, I should be able to block him this way and not have to chase him endlessly from I.P to I.P.

Com'on guys, this should be a no brainer.

[cPanelDavidG]

I know there currently is no way to deny access to a website from the cPanel except for the Deny I.P. Manager

cPanel&WHM supports .htaccess files, we just do not provide a facility by which to easily block user agents at this time. However, the capability is already present and in use by those using cPanel.

[lottocheatah]

cPanel&WHM supports .htaccess files, we just do not provide a facility by which to easily block user agents at this time. However, the capability is already present and in use by those using cPanel.

I will check the .htaccess file details and see if this suits the purpose.

[lottocheatah]

I will check the .htaccess file details and see if this suits the purpose.

I found a bit of code for this file but I cannot file the existing file in any website folder. Is this an optional file? Is there a generic one available? Where does it mount?

[lottocheatah]

cPanel&WHM supports .htaccess files, we just do not provide a facility by which to easily block user agents at this time. However, the capability is already present and in use by those using cPanel.

It is starting to get all quite confusing for someone who is just a cPanel user and not a java programmer. What is the prefix for the .htaccess file? I am finding info that suggests I need an exact string match for the bad agent and that I need an additional file "ModRewrite" to match to a sub-string portion of the Agent field. Is this true?

All this said, why is the Agent Deny function not on the cPanel?

[cPanelDavidG]

I found a bit of code for this file but I cannot file the existing file in any website folder. Is this an optional file? Is there a generic one available? Where does it mount?

This is an optional file. If you do not see this in File Manager, first try to create a .htaccess file.

If you still do not see the file after creating it, keep in mind that .htaccess starts with a period so this makes it a "hidden" file on *nix environments. You will need to go to the bottom of the cPanel home screen and reset all preferences, then click on File Manager and in the popup that appears, ensure you can see hidden files.

.htaccess is most often stored in your public_html directory.

[cPanelDavidG]

It is starting to get all quite confusing for someone who is just a cPanel user and not a java programmer. What is the prefix for the .htaccess file? I am finding info that suggests I need an exact string match for the bad agent and that I need an additional file "ModRewrite" to match to a sub-string portion of the Agent field. Is this true?

All this said, why is the Agent Deny function not on the cPanel?

Keep in mind that .htaccess is an extremely commonly used tool. I would recommend looking for tools via an internet search that can generate these strings for you. When it comes to .htaccess files, there are utilities to generate content for .htaccess files for nearly anything you can think of.

[lottocheatah]

".htaccess" is a just the file extension. What is the prefix, ie; what is the entire filename of the .htaccess file?

[cPanelDavidG]

".htaccess" is a just the file extension. What is the prefix, ie; what is the entire filename of the .htaccess file?

The entire filename of .htaccess is .htaccess - it is also not a file extension, it is a hidden file (since it starts with .).

Remember, in *nix, text following a dot does not have the same meaning it may on Windows.

This thread has derailed far outside of being a feature request, I'll be moving this thread to a more appropriate forum.