Anti-Crawler Script

Description

An ASP script which can be adapted to keep specific crawlers (robots/spiders) out of your ASP-based website, or you can apply the rules to single a page. The latest version of the script allows you to filter sources by both user-agent (either full matching or partial/wildcard matching via regular expressions) or by IP address (again either full or partial matching is supported).

Although the script ships with a default set of rules installed to allow it to work reliably without any changes, you can quite easily remove these rules if you don't like them - creating your own powerful set of rules is remarkably easy.

Why ban a crawler / spider / application from accessing your website? Lots of reasons - sometimes it's obvious they are only using your site to harvest email addresses, other times they might be using up excessive amounts of resources or going into areas they are supposed to be excluded from. Banning them from the site keeps them from your data, it also helps reduce the bandwidth they consume - this is even more true as if their first request is denied they cannot discover & retrieve the rest of your site.

What sort of crawlers / spiders / applications are we talking about? Most of the time the elements people want to ban aren't associated with any major search engines, and for those few that do offer a search service I doubt they bring very little (if any) traffic to the sites they crawl. The majority of the elements that get banned really only exist to further their own goals and wont help your site in the long run.

Requirements

IIS
RegExp object

Single Compressed Download

Zip File

Individual Components

ASP script source code

Installation & Setup

Save the source code file into a directory somewhere within your webroot - for any examples we've assumed the resulting file is called denycrawler.asp.
Include the code into either a pre-existing common include file or a single page (e.g. ). As the file doesn't include any code which will run automatically placement above or below existing includes shouldn't be an issue.
Finally, call the function DenyCrawler() from within your include or page. In order to function correctly this needs to be called before any headers or page content is written - this ensures that if it needs to deny a request it can respond with a minimal page complete with an explanation.

User Guide

The majority of this script relies on pattern matching, specifically regular expressions which I've gathered over time based on historical traffic for this site. While the default ruleset isn't perfect it allows most users to immediately use the script - if you feel comfortable with writing regular expressions or just want to stop one specific source of requests feel free to erase the defaults.

If you need to test the deny function for yourself on a development system then just add an extra line into BadUA_Test - for example UA_Add "Mozilla", sUserAgentList will match the majority of browsers allowing you to view the deny screen in action - however don't try this on a live system because you'll block all traffic!

Equally if you ever want to ban an IP address then it works in much the same way - there are several examples listed inside BadIP_Test should you need to attempt this.

Now onto the technical part.

If you ever need to get involved with writing a lot of complex rules the main thing to remember is in order to save time the script merges all the unique regular expressions into one large expression and uses the OR logical operator to combine them allowing one rule to be used rather than cycling through several different rules. However coding the data into the script in this way would make it hard to read and even harder to maintain, so instead UA_Add is used to build these strings on-the-fly. It has two parameters - your regular expression string followed by the variable being used to hold the combined string.

The startpoint for the script is DenyCrawler() which uses EmptyUA_Test, BadUA_Test and BadIP_Test to determine if this request should be served, these rules are checked in the order listed above.

EmptyUA_Test is just a simple piece of logic which checks if an empty or single-character user-agent string is being used, if that comes back negative BadUA_Test is called.

BadUA_Test checks if the current user-agent string matches any of the elements in a list of regular expressions, this provides flexibity to use exact matches, partial matches or any other type of pattern you're capable of creating.

BadIP_Test provides an IP filtering element, working in a similar way to BadUA_Test in as much as it takes a series of regular expressions which describe the IP addresses you want to ban. There are no default rules included in this function, it's designed to allow a user the ability to filter out an element of their traffic with a high level of accuracy - something that wasn't possible with just the user-agent based tests.

Navigate

Home Parent Directory Meta-Search

Technical

ASP Scripts SQL Scripts VB Programs Show All

Guides

Show All

Other

Contact Site News About Legal Sitemap Links

< %

' This ASP script originally lived at http://evolvedcode.net/ for the

' original version of this script and a wide variety of other

' scripts, please visit the site.

' Last update: 2004.04.21 14:41:01

Sub DenyCrawler()

' Code which blocks any requests from known "bad" crawlers or NULL user-agents

Dim sUserAgent

sUserAgent = Trim ( Request.ServerVariables( " HTTP_USER_AGENT " ) )

' Check if the request is coming from something which is less than desirable

If EmptyUA_Test( sUserAgent ) Or BadUA_Test( sUserAgent ) Or BadIP_Test( Request.ServerVariables( " Remote_Addr " ) ) Then

Response.Status = " 403 Access Denied "

% >< html >

< head >

< title >< % = Response.Status % ></ title >

< meta name = " robots " content = " noindex " />

</ head >

< body >

< h1 >< % = Response.Status % ></ h1 >

Access to the requested resource has been denied.

We suspect you are using an automated process to access this website. Please retry with a regular browser.

</ body >

</ html >

< %

Response.End

End If

End Sub

Function TestRegExp( ByVal sInput, ByVal sRegExp )

' Code to evaluate a regular expression

Dim objRegular

Set objRegular = New RegExp

objRegular.Pattern = sRegExp

objRegular.IgnoreCase = True

TestRegExp = objRegular.Test( sInput )

Set objRegular = Nothing

End Function

Sub UA_Add( ByVal sNewUserAgent, ByRef sUserAgents )

' Code to add an extra user-agent into a list suitable for

' parsing with a regular expression

If sUserAgents = vbNullString Then

sUserAgents = sNewUserAgent

Else

sUserAgents = sUserAgents & " | " & sNewUserAgent

End If

End Sub

Function EmptyUA_Test( ByVal sUserAgent )

' Code to check if a UA is an empty or v. small piece of text

EmptyUA_Test = False

sUserAgent = Trim ( sUserAgent )

If sUserAgent = vbNullString Or Len ( sUserAgent ) = 1 Then

EmptyUA_Test = True

End If

End Function

Function BadUA_Test( ByVal sUserAgent )

' Code to check if UA appears to be in a list of badly behaved agents, e-mail harvesting

' robots, offline readers and other undesirable crawlers

Dim sUserAgentList

BadUA_Test = False

' Build up a list of spambots and other undesirable crawlers using a mix of

' both known bad crawlers and keyword matching to detect new crawlers and

' variations on a theme

UA_Add " ^Mozilla/\d\.\d\s$compatible;\sAdvanced\sEmail\sExtractor\sv\d\.\d+$$ " , sUserAgentList

UA_Add " CherryPicker " , sUserAgentList

UA_Add " Crescent " , sUserAgentList

UA_Add " ^DA\s\d\.\d+$ " , sUserAgentList

UA_Add " ^Mozilla/\d\.\d\s\(compatible;\sMSIE\s\d\.\d;\sWindows\sNT;\sDigExt;\sDTS\sAgent$ " , sUserAgentList

UA_Add " EasyDL/\d\.\d+ " , sUserAgentList

UA_Add " e-collector " , sUserAgentList

UA_Add " EmailCollector " , sUserAgentList

UA_Add " ^EmailSiphon$ " , sUserAgentList

UA_Add " EmailWolf " , sUserAgentList

UA_Add " ExtractorPro " , sUserAgentList

UA_Add " Go!Zilla " , sUserAgentList

UA_Add " GetRight/\d.\d " , sUserAgentList

UA_Add " ^ia_archiver$ " , sUserAgentList

UA_Add " Indy\sLibrary " , sUserAgentList

UA_Add " larbin " , sUserAgentList

UA_Add " MSIECrawler " , sUserAgentList

UA_Add " Microsoft\sURL\sControl " , sUserAgentList

UA_Add " NEWT\sActiveX " , sUserAgentList

UA_Add " NICErsPRO " , sUserAgentList

UA_Add " RealDownload/\d\.\d\.\d\.\d " , sUserAgentList

UA_Add " Teleport " , sUserAgentList

UA_Add " Telesoft " , sUserAgentList

UA_Add " UtilMind\sHTTPGet " , sUserAgentList

UA_Add " WebBandit " , sUserAgentList

UA_Add " webcollage/\d\.\d\d " , sUserAgentList

UA_Add " WebCopier\sv\d\.\d " , sUserAgentList

UA_Add " WebEMailExtrac " , sUserAgentList

UA_Add " WebZIP " , sUserAgentList

UA_Add " ^WGet/\d\.\d " , sUserAgentList

UA_Add " ^Zeus.+Webster " , sUserAgentList

UA_Add " ^Mozilla/3\.Mozilla/2\.01\s$Win95;\sI$$ " , sUserAgentList

UA_Add " ^Internet\sExplorer\s?\d?\.?\d?$ " , sUserAgentList

UA_Add " ^IE\s\d\.\d\sCompatible.*Browser$ " , sUserAgentList

UA_Add " ^Microsoft\sInternet\sExplorer/4\.40\.426\s$Windows\s95$$ " , sUserAgentList

UA_Add " ^SurveyBot/\d\.\d\s(<a\shref='http://www\.whois\.sc'>Whois\sSource</a>|$Whois\sSource$)$ " , sUserAgentList

UA_Add " ^Mozilla/4\.0\s$?hhjhj@yahoo\.com$?$ " , sUserAgentList

UA_Add " ^MSIE " , sUserAgentList

UA_Add " ^Mozilla$ " , sUserAgentList

UA_Add " ^Mozilla(\\|/)\?\?$ " , sUserAgentList

UA_Add " ^Internet\sExplore\s?\d?\.?[a-z0-9]+$ " , sUserAgentList

UA_Add " ^IAArchiver-\d\.\d$ " , sUserAgentList

UA_Add " ^NPBot(-\d/\d\.\d)?(\s$http://www\.nameprotect\.com/botinfo\.html$)?$ " , sUserAgentList

UA_Add " ^Webclipping\.com$ " , sUserAgentList

UA_Add " ^Mozilla/\d\.\d\s$X11;\sLinux\si686;\sen-US;\srv:\d.\d[a-z0-9]*;\sOBJR$$ " , sUserAgentList

UA_Add " ^Sqworm/\d\.\d\.\d\d-BETA\s$beta_release;\s\d{8}-\d{3};\si\d{3}-pc-linux-gnu$$ " , sUserAgentList

UA_Add " ^Lickity_Split/\d\.\d$ " , sUserAgentList

UA_Add " ^Production\sBot\s\d+B$ " , sUserAgentList

UA_Add " ^amzn_assoc$ " , sUserAgentList

UA_Add " ^Harvest " , sUserAgentList

UA_Add " ^Webdup/\d\.\d$ " , sUserAgentList

UA_Add " ^WebIndex/\d\.\d[a-z]$ " , sUserAgentList

UA_Add " (^|\s)RPT-HTTPClient/\d\.\d-\d$ " , sUserAgentList

UA_Add " ^sitecheck\.internetseer\.com\s$For\smore\sinfo\ssee:\shttp://sitecheck\.internetseer\.com$$ " , sUserAgentList

UA_Add " ^vspider$ " , sUserAgentList

UA_Add " ^k2spider$ " , sUserAgentList

UA_Add " ^Mac\sFinder\s " , sUserAgentList

UA_Add " ^ICU\sv " , sUserAgentList

UA_Add " ^DART$ " , sUserAgentList

UA_Add " ^Mozilla/\d\.\d\s\(compatible;\sMSIE\s\d\.\d;\sWindows\sNT\s\d\.\d;\sQ\d{6};\s\.NET\sCLR\s\d\.\d\.\d{4}$ " , sUserAgentList

UA_Add " ^COMBOMANIA$ " , sUserAgentList

UA_Add " ^MyCrawler$ " , sUserAgentList

UA_Add " ^Mozilla/\d\.\d\s$compatible;\sWin32;\sWinHttp\.WinHttpRequest\.\d$$ " , sUserAgentList

UA_Add " ^WEP\sSearch\s\d+$ " , sUserAgentList

UA_Add " ^Mozilla/\d\.\d\s$fantomBrowser$$ " , sUserAgentList

UA_Add " ^TE$ " , sUserAgentList

UA_Add " ^WebStripper/\d\.\d\d$ " , sUserAgentList

UA_Add " ^OWR_Crawler\s\d\.\d$ " , sUserAgentList

UA_Add " ^WebMiner/\d\.\d\s\[en\]\s$Win\d\d;\sI$$ " , sUserAgentList

UA_Add " ^WebGather\s\d\.\d$ " , sUserAgentList

UA_Add " ^readwebpage$ " , sUserAgentList

UA_Add " ^InstantSSL\sBrowser:\slow\scost\sfully\svalidated\sSSL\s\+\sfree\strial$ " , sUserAgentList

UA_Add " ^Mozilla/\d\.\d\s$compatible;\sHTTrack\s2\.0x;\sWindows\s.+$$ " , sUserAgentList

UA_Add " ^Mozilla/4\.0\s$compatible;\sPowermarks/\d\.\d;\sWindows\s.+$$ " , sUserAgentList

UA_Add " ^Vivante\sLink\sChecker\s$http://www\.vivante\.com$$ " , sUserAgentList

UA_Add " ^Mozilla/\d\.\d\s\(compatible;\sWindows\sNT\s\d\.\d;\sABN\sAMRO$ " , sUserAgentList

UA_Add " ^Mozilla/\d\.\d\s$compatible;\sIntelliseek;\shttp://www\.intelliseek\.com$$ " , sUserAgentList

UA_Add " ^WebCopier\sSession\s\d$ " , sUserAgentList

UA_Add " ^Mozilla/\d\.\d\s\(compatible;\sMSIE\s\d\.\d\d;\sWindows\s\d\d$ " , sUserAgentList

UA_Add " ^Art-Online\.com\s\d\.\d$Beta$$ " , sUserAgentList

UA_Add " ^WebGo\s " , sUserAgentList

UA_Add " ^SuperBot/\d\.\d\s$Win\d\d$$ " , sUserAgentList

UA_Add " ^Download\sNinja\s\d\.\d$ " , sUserAgentList

UA_Add " ^Mozilla/\d\.\d\s\(compatible;\sMSIE\s\d\.\d;\sWindows\sNT\s\d\.\d;\s\.NET\sCLR\s\d\.\d\.\d{4}$ " , sUserAgentList

UA_Add " ^Expired\sDomain\sSleuth$ " , sUserAgentList

UA_Add " ^SHARP-TQ-GX\d\d$ " , sUserAgentList

UA_Add " ^HTTP/\d\.\d\sMozilla/\d\.\d\+$compatible;\+MSIE\+\d\.\d;\+Windows\+NT\+\d\.\d$$ " , sUserAgentList

UA_Add " ^.+/\d+\.\d+\s$Version:\s\d+\sType:\d+$$ " , sUserAgentList

UA_Add " ^Offline\sExplorer/\d+\.\d+$ " , sUserAgentList

If sUserAgentList = vbNullString Then

sUserAgentList = " ^nulldata$ "

End If

BadUA_Test = TestRegExp(sUserAgent, sUserAgentList)

End Function

Function BadIP_Test( ByVal sIPAddr )

' Code to check if an IP appears to be in a our list

Dim sIPList

BadIP_Test = False

' Assemble the list

' UA_Add "^127\.0\.0\.1$", sIPList 'Block a single IP, 127.0.0.1

' UA_Add "^127\.0\.0\.", sIPList 'Block any IP starting with 127.0.0.

' UA_Add "^127\.0\.", sIPList 'Block any IP starting with 127.0.

If sIPList = vbNullString Then

sIPList = " ^nulldata$ "

End If

BadIP_Test = TestRegExp( sIPAddr, sIPList )

End Function

' --Stand-alone testing code--

' DenyCrawler()

' Response.Write "If you can see this the script works and you aren't listed as a bad IP or UA."

' --Stand-alone testing code--

% >

from: http://evolvedcode.net/content/code_crawlerfilter/

posted on 2006-12-18 21:42 weidagang2046 阅读(963) 评论(0) 编辑收藏所属分类: Search Engine

新用户注册刷新评论列表


只有注册用户登录后才能发表评论。




网站导航: 博客园 IT新闻知识库 C++博客博问管理
相关文章: Blogger Rank Google SiteMap Protocol协议 Anti-Crawler Script 在应用中加入全文检索功能——基于Java的全文索引引擎Lucene简介 Similarity Flooding 用Java实现HTTP文件队列下载基于Linux的搜索引擎实现

weidagang2046的专栏