> 
> What is returning the 500 response here? Is php/python/perl involved?

No, I think this mod_security is generating this

> As for the scrapers, you are absolutely wasting your time customizing the
> response. I would just return a 403, actually.

I think you might be right. I did not expect to waste so much time on trying to 
just send an 'empty' body.

> 
> 
>       > See the ErrorDocument directive.
> 
>       It does not seem to work. It looks like this config is skipped and
> the error is loaded directly from the httpd binary.
> 
>       ErrorDocument 500 /406.html
> 
>       > Now, why is that response not suitable? And why would you respond
> with a
>       > 200 for a blocked user agent?
> 
>       I think it is better to return to scrapers 200 and empty content,
> instead of notifying them so they can reconfigure their systems.
> 
>       >
>       >
>       >       Where/how can I change this message?
>       >
>       >       <p>The server encountered an internal error or
>       >       misconfiguration and was unable to complete
>       >       your request.</p>
>       >       <p>Please contact the server administrator at
>       >        xxx to inform them of the time this error occurred,
>       >        and the actions you performed just before this error.</p>
>       >       <p>More information about this error may be available
>       >       in the server error log.</p>
>       >       </body></html>
>       >
>       >       or as a work-a-round, how can refuse access with modsecurity
> and just
>       > generate a 200 blank page response.
>       >
>       >       SecRule REQUEST_HEADERS:User-Agent "blockthisua"
>       > "id:'13006',phase:2,log,deny,status:200"
>       >
> 
> 

Reply via email to