I'm getting occasional visits to my Web site from applications with
blank UA strings. I would like to block such accesses because they
violate various RFCs and might represent attempted hostile actions.
Since I don't own the Web server (it's owned by my ISP) and I don't want
to have any JavaScript, I would prefer using either an .htaccess setting
or a SSI script. Is this possible? The Web server is Apache (version
currently unknown) for which I have done some simple .htaccess settings.
I know how to create SSI scripts in UNIX.
What I really would like to do is send an error page when the UA string
is blank. The page would tell the user why the requested page cannot be
seen. If I can't send an error page, then I would send an appropriate
HTTP status code.
--
David E. Ross
<http://www.rossde.com/>
Q: What's a President Bush cocktail?
A: Business on the rocks.