Add more user agents to scanner user agent list #3285
Comments
|
Hi @jfeng-league, Please use our issue templates when opening an issue, e.g. the 'Feature Request' template. This ensures we have the information required and in a standard format, making these issues easier and quicker to triage. Your idea is a good one, but we have recently decided against continuing to do much blocking based on User Agent:
The plan was to use the "apache-ultimate-bad-bot-blocker", so very similar to your suggestion! This type of User Agent block/spam detection could be turned into a plugin in the future, but at the moment the decision is that it will not live as part of the core/default CRS rules. I'm going to close this issue as we've already decided as a project not to move in this direction of UA scanning/blocking, but feel free to follow up if you have any further questions or points to make. |
https://github.com/mitchellkrogza/nginx-ultimate-bad-bot-blocker/blob/master/_generator_lists/bad-user-agents.list
I'd like to add these user agents into the scanner detection list. It will greatly improve all the downstream systems (GCP Cloud Armor) that utilize these lists
The text was updated successfully, but these errors were encountered: