.htaccess Allow All from Specific User Agent

.htaccess user-agent

42,964

Solution 1

SetEnvIfNoCase User-Agent .*google.* search_robot
SetEnvIfNoCase User-Agent .*yahoo.* search_robot
SetEnvIfNoCase User-Agent .*bot.* search_robot
SetEnvIfNoCase User-Agent .*ask.* search_robot
Order Deny,Allow
Deny from All
Allow from env=search_robot

Htaccess SetEnvIf and SetEnvIfNoCase Examples

Solution 2

I just want to allow ONE SPECIFIC user agent rather than trying to block all

Here's my config to allow only wget:

SetEnvIf User-Agent .*Wget* wget
Order deny,allow
Deny from all
Allow from env=wget

Solution 3

Allow from and Rewrite* are directives from two different Apache's modules.

The first one is mod_authz_host and the other from mod_rewrite.

You can use mod_rewrite to do what you want:

RewriteEngine on
RewriteCond %{HTTP_USER_AGENT} !=myuseragent
RewriteRule .* - [F,L]

Solution 4

If you don't want to use mode_rewrite, with Apache 2.4 you can use something similar to this:

<Location />
                AuthType Basic
                AuthName "Enter Login and Password to Enter"
                AuthUserFile /home/content/html/.htpasswd
                <If "%{HTTP_USER_AGENT} == 'myuseragent'">
                Require all granted
                </If>
                <Else>
                Require valid-user
                Require ip 12.34.567.89
                </Else>
</Location>

View more solutions

42,964

Author by

adamdehaven

UX Designer & Developer

Updated on August 31, 2021

Comments

adamdehaven about 1 year
I have a website I am developing that is also going to be pulled into a web app. I have the following code in my .htaccess file to prevent access from ANYONE that is not on my allowed IP:
```
Order deny,allow
Deny from all
AuthName "Restricted Area - Authorization Required" 
AuthUserFile /home/content/html/.htpasswd 
AuthType Basic
Require valid-user
Allow from 12.34.567.89 
Satisfy Any
```
QUESTION: I would like to add an Allow from rule that will ALSO allow a specific HTTP user agent access to the site.

I found this code to redirect if not the user agent:
```
RewriteEngine on
RewriteCond %{HTTP_USER_AGENT} !=myuseragent
RewriteRule ^files/.*$ / [R=302,L]
```
But I can't seem to figure out how to turn this into an Allow from rule. Help?

UPDATE

I found the code below to block specific user agents... I would instead like to say "if NOT myuseragent, then block."
```
<IfModule mod_rewrite.c>
SetEnvIfNoCase ^User-Agent$ .*(libwww-perl|aesop_com_spiderman) HTTP_SAFE_BADBOT
Deny from env=HTTP_SAFE_BADBOT
</ifModule>
```
adamdehaven about 10 years

I found the code you just posted on SO as well... I just want to allow ONE SPECIFIC user agent rather than trying to block all (I don't want to take a chance on missing one.) Any ideas?
adamdehaven about 10 years

So with the code you posted, will this work in ALL directories? Or will I need to place an .htaccess file with this code in every directory?
richplane almost 6 years

Just in case anyone's wondering: yes this also works directly in the apache vhost conf file (on Apache 2.4 at least) - I have "SetEnvIfNoCase ..." before the <Directory> directive and the "Allow from..." inside.
chiappa almost 6 years

This is great, I can use RewriteCond %{HTTP_USER_AGENT} !(Mozilla) and it will only allow those with a browser user agent/non-bot