[
Date Prev][
Date Next][
Thread Prev][
Thread Next][
Date Index][
Thread Index]
[
List Home]
|
Re: [jetty-users] deny access based on user agent
|
On 8/14/2024 1:12 PM, Joakim Erdfelt wrote:
The built-in rules do not generally respond with an error.
Most of them just modify paths or headers.
Hmm; is there an indirect way to do it by modifying the path based on a
header and then that static path when accessed would return the 403?
* `ResponsePatternRule` - if the target path is of the specified
pattern, then a configurable status code is returned.
I saw that one, but unfortunately it only matches against the path, not
an arbitrary header.
For a rule that acts on a request header, and then performs a response
with configurable status, none exists in Jetty at this point in time.
Surprisingly you are the first one to ask for it.
It's probably not a common requirement; in this specific case I'm just
trying to restrict a broken web crawler <sigh>.
At this point in time, if you need it, then it would be a custom rule
and/or handler.
Thanks for the response and the suggestions. I'm using the jetty
distribution, not jetty embedded, so custom code would need to be a
module or something I suppose.
The crawler was running in AWS; I was actually impressed with Amazon, I
submitted a complaint form and they got back to me within about eight
hours saying that they had contacted their user who is going to fix the
problem.
I'm still seeing some hits from it, but they have drastically decreased
from when I complained, so hopefully the fix is just still propagating
through their EC2 infrastructure.
