place wrote:
- There's some kind of blog thing that knows which browsers send an Accept header. If I pretend to use one of them, I get a meaningless error page. This is good because it saves me from wasting time looking at blogs.
Probably this: http://www.bad-behavior.ioerror.us/ It's a filter written in PHP to block spambots and harvesters that pretend to be well-known user-agents. If a user-agent always sends certain headers, then a request that claims to be that UA but lacks those headers can be treated with suspicion. If a UA claims to be Opera, Gecko, Safari, IE, etc., it will check for an Accept header. One check that I find interesting is looking for invalid Windows versions. IE will always list the internal Windows version, like "Windows NT 5.1", but people programming bots will often forget this and tell it to use "Windows XP" instead. It also checks for bots that claim to be well-known search spiders. Some bots will pretend to be Googlebot, for instance, but won't come from a Google-owned IP address. Occasionally it does run into problems with personal firewalls that strip out headers. -- Kelson Vibber www.hyperborea.org