| Anonymous | Login | 2024-11-22 23:44 EST |  |
| Main | My View | View Issues | Change Log | Roadmap |
| View Issue Details [ Jump to Notes ] | [ Issue History ] [ Print ] | |||||||
| ID | Project | Category | View Status | Date Submitted | Last Update | |||
| 0000790 | PacketFence | public | 2009-08-31 17:49 | 2011-01-26 15:43 | ||||
| Reporter | obilodeau | |||||||
| Assigned To | obilodeau | |||||||
| Priority | normal | Severity | minor | Reproducibility | N/A | |||
| Status | closed | Resolution | fixed | |||||
| Platform | OS | OS Version | ||||||
| Product Version | ||||||||
| Target Version | Fixed in Version | |||||||
| Summary | 0000790: block popular non-human UserAgents | |||||||
| Description | Since 1.8.4 packetfence edit a node with the useragent each time the portal is hit. This allow to enforce browser restriction policies and also device banning policies. But, sometimes a lot of noise is generated by non-human initiated connection (software updates, stuff phoning home, etc.). This is increasing the server's load (pfcmd fork) and replacing the node's browser with something else that is not really relevant. I think the best approach to circumvent this problem is to redirect known non-human useragents to an access denied page. http://httpd.apache.org/docs/2.2/misc/rewriteguide.html#access [^] | |||||||
| Tags | No tags attached. | |||||||
| fixed in git revision | ||||||||
| fixed in mtn revision | ||||||||
| Attached Files | ||||||||
 Relationships |
|
 Relationships |
|
Notes |
|
|
(0001303) obilodeau (reporter) 2009-08-31 18:39 |
I added the following lines in conf/templates/httpd.conf.apache22 and conf/templates/httpd.conf.pre_apache22 at the top of rewriting rules:
# Some UserAgents we don't want to mess with
RewriteCond %{HTTP_USER_AGENT} ^Microsoft-CryptoAPI.* [OR]
RewriteCond %{HTTP_USER_AGENT} ^Windows-Update-Agent.*
RewriteRule ^.*$ - [L,forbidden]
|
|
(0001304) obilodeau (reporter) 2009-08-31 18:39 |
Tested in lab and it seems to do it. |
|
(0001305) obilodeau (reporter) 2009-09-01 11:48 |
added WinHttp-Autoproxy-Service after some research
# Some UserAgents we don't want to mess with
RewriteCond %{HTTP_USER_AGENT} ^Microsoft-CryptoAPI.* [OR]
RewriteCond %{HTTP_USER_AGENT} ^Windows-Update-Agent.* [OR]
RewriteCond %{HTTP_USER_AGENT} ^WinHttp-Autoproxy-Service.*
RewriteRule ^.*$ - [L,forbidden]
|
|
(0001312) obilodeau (reporter) 2009-09-11 18:18 |
Fixed in mtn revision 208766cb0490cd539ee723a2a8889202903613c2 |
|
Notes |
|
Issue History |
|||
| Date Modified | Username | Field | Change |
| 2009-08-31 17:49 | obilodeau | New Issue | |
| 2009-08-31 17:49 | obilodeau | Status | new => assigned |
| 2009-08-31 17:49 | obilodeau | Assigned To | => obilodeau |
| 2009-08-31 18:39 | obilodeau | Note Added: 0001303 | |
| 2009-08-31 18:39 | obilodeau | Note Added: 0001304 | |
| 2009-09-01 11:48 | obilodeau | Note Added: 0001305 | |
| 2009-09-11 18:18 | obilodeau | Note Added: 0001312 | |
| 2009-09-11 18:18 | obilodeau | Status | assigned => resolved |
| 2009-09-11 18:18 | obilodeau | Resolution | open => fixed |
| 2011-01-26 15:43 | obilodeau | Status | resolved => closed |
|
Issue History |
| Copyright © 2000 - 2012 MantisBT Group |
 |