HTACCESS - 使用 BrowserMatchNoCase 阻止多个版本的过时浏览器(Chrome / Firefox)
我试图找到解决这个问题的方法,但没能找到。
我在 htaccess 中使用这些行已经有一段时间了,以阻止旧版或过时版本的 Firefox 和 Chrome,因为它们中的大多数都被机器人/受感染的主机使用。
BrowserMatchNoCase "Chrome/[17.0.0.0-86.0.0.0]" bad_bots
BrowserMatchNoCase "Firefox/[3.0-86.0]" bad_bots
它工作完美,根据我的理解,它被阻止了:(我说得对吗?)
- 从17.0.0.0到86.0.0.0的每个Chrome浏览器版本
- 从3.0到86.0.0.0的每个Firefox浏览器版本
但是最近,自从Chrome和FF更新到100,事情没有按预期进行。 我的规则阻止这些浏览器版本,因此暂时,我通过添加以下内容做了一个肮脏的解决方法:
BrowserMatchNoCase "Chrome/100" !bad_bots
BrowserMatchNoCase "Firefox/100" !bad_bots
etc...
我的问题:
是否可以解决该“问题”并且不阻止 100 及更高版本的浏览器版本?如何 ?
是否可以使用 BrowserMatchNoCase 保留这些规则?
多谢。
I tried to find a solution to this but wasn't able to find one.
I have been using these lines in my htaccess for a while now to block older or obsolete versions of Firefox and Chrome since most of them are used by bots / infected hosts.
BrowserMatchNoCase "Chrome/[17.0.0.0-86.0.0.0]" bad_bots
BrowserMatchNoCase "Firefox/[3.0-86.0]" bad_bots
It worked flawlessly and from my understanding it was blocking : (Am I right ?)
- Every Chrome browser version from 17.0.0.0 to 86.0.0.0
- Every Firefox browser version from 3.0 to 86.0.0.0
But recently, since Chrome and FF updated to 100, things are not working as expected.
My rules are blocking these browsers versions, so temporarily, I did a dirty workaround by adding :
BrowserMatchNoCase "Chrome/100" !bad_bots
BrowserMatchNoCase "Firefox/100" !bad_bots
etc...
My question :
Is it possible to get around that "issue" and not blocking browsers versions from 100 and later versions ? How ?
Is it possible to keep these rules with BrowserMatchNoCase ?
Thanks a lot.
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(2)
不,它根本不这样做!您无法像使用正则表达式那样指定数字范围。
正则表达式
[17.0.0.0-86.0.0.0]是一个字符类,与简单的[.012345678](或[.0-8]),它匹配方括号之间列出的单个字符。连字符 (-) 表示 ascii 字符 范围。例如。az。因此,您的正则表达式
Chrome/[17.0.0.0-86.0.0.0]与包含以下子字符串之一的任何用户代理匹配:Chrome/.Chrome/ 0Chrome/1ChromeChrome/3Chrome/4Chrome/ 5Chrome/6Chrome/7Chrome/8因此,它基本上会阻止任何不以
9< 开头的 Chrome 版本/代码>。换句话说,它将允许版本 9 和 90 到 99,并阻止其他所有版本(直到我们最终到达版本 900!)。如果您仍然想遵循相同的方法并阻止旧的用户代理字符串,那么您需要遵循“肮脏的解决方法”并为您确实想要允许的用户代理打孔。尽管您可以概括一下并允许数百个版本,例如。
1\d\d(1 后跟两位数字)例如,阻止所有内容然后允许特定的用户代理模式会更容易:
请注意,我专门使用了
BrowserMatch(而不是BrowserMatchNoCase)用于允许的情况,因为官方 Chrome 用户代理将始终使用大写的C。No, it's not doing that at all! You can't specify numeric ranges like that using regex.
The regex
[17.0.0.0-86.0.0.0]is a character class and is the same as simply[.012345678](or[.0-8]), which matches a single character from those listed between the square brackets. The hyphen (-) indicates a ascii character range. eg.a-z.So, your regex
Chrome/[17.0.0.0-86.0.0.0]matches any user-agent that contains one of the following substrings:Chrome/.Chrome/0Chrome/1Chrome/2Chrome/3Chrome/4Chrome/5Chrome/6Chrome/7Chrome/8So, it will basically block any Chrome version that does not start with a
9. In other words, it will allow versions 9 and 90 through 99 and block everything else (until we eventually get to version 900!).If you still want to follow the same approach and block old user-agent strings then you'll need to follow your "dirty workaround" and punch holes for user-agents you do want to allow. Although you can generalise a bit and permit any version in the hundreds, eg.
1\d\d(1 followed by two digits)For example, it would be easier to block everything and then allow specific User-Agent patterns:
Note that I specifically used
BrowserMatch(rather thanBrowserMatchNoCase) for the allowed cases since official Chrome User-Agents will always have an uppercaseC.这起作用,直到Chrome/Firefox到200秒
this works until chrome/firefox get to 200s