Found Malicious User Agent

Viewing 5 replies - 1 through 5 (of 5 total)

  • I would like to know the answer to this too!!

    I’ve got something similar:

    TYPE: Found Malicious User Agent
    DETECTED ATTACK VALUE: Python-urllib/2.5
    ACTION: Blocked
    LOGTIME: 2013-08-02 08:50:42

    Need some answers. Google is no help. All of a sudden I’m getting this, a couple yesterday and 3 today. My site is only 2 months old. One of them had FROM IP: https://whois.domaintools.com/208.66.65.5 this is Technorati that I just got my site approved at. Why am I blocking Technorati?

    Need some info from the PLUGIN AUTHOR or I’ll be going back to WordPress Firewall!

    Python-urllib is a python module for opening urls

    It probably shouldn’t be being blocked. A lot of firewalls block it, because it is used by a lot of not so good visitors, but apparently some valid crawlers are using it as well.

    3 months this post has been up and no reply from the plugin author. Shows you he don’t care. Hell with him, I’m going back to WordPress Firewall. WordPress Simple Firewall looks great.

    Jonathon.Smith is correct in saying

    “Python-urllib is a python module for opening urls” and “A lot of firewalls block it, because it is used by a lot of not so good visitors”

    None of the main stream search engines (Google, Bing, etc) use Python-urllib as a user agent.

    Many malicious spiders, including web scrapers and hacker bots, use this ID, hence it’s quite common to ban requests when the UA is detected.

    If you want to allow these UA’s add ” Python-urllib ” to the Whitelisted Variables in OSE Settings.

    Personal Opinion: I’ve never seen any good traffic using these UA’s.

Viewing 5 replies - 1 through 5 (of 5 total)
  • The topic ‘Found Malicious User Agent’ is closed to new replies.