How to block Web Security Scanners from Scanning your website


Pentesters and attackers alike use web security scanners to probe a website for security bugs in its web applications and services; the aim of a scan can range from breaking in to hardening the site. While it runs, a scanner hammers the target server with requests and consumes a large share of its bandwidth.

One trick for keeping scanners and exploit tools from scanning your site is shared below. Add the following snippet to your website's .htaccess and it will block requests that identify themselves as security scanners such as Acunetix, Nessus, sqlmap, etc.

# Scanner-blocking rules for an Apache .htaccess (needs mod_rewrite and AllowOverride FileInfo).
# Everything, including RewriteEngine On, sits inside the IfModule so the file does not
# break the site with a server error when mod_rewrite is not loaded.
<IfModule mod_rewrite.c>
RewriteEngine On
# Each condition is chained to the next with [OR]; [NC] makes the match case-insensitive.
RewriteCond %{HTTP_USER_AGENT} ^w3af.sourceforge.net [NC,OR]
RewriteCond %{HTTP_USER_AGENT} dirbuster [NC,OR]
RewriteCond %{HTTP_USER_AGENT} nikto [NC,OR]
# No [NC] on this one: "SF" is matched case-sensitively, anywhere in the User-Agent string.
RewriteCond %{HTTP_USER_AGENT} SF [OR]
RewriteCond %{HTTP_USER_AGENT} sqlmap [NC,OR]
RewriteCond %{HTTP_USER_AGENT} fimap [NC,OR]
RewriteCond %{HTTP_USER_AGENT} nessus [NC,OR]
RewriteCond %{HTTP_USER_AGENT} whatweb [NC,OR]
RewriteCond %{HTTP_USER_AGENT} Openvas [NC,OR]
RewriteCond %{HTTP_USER_AGENT} jbrofuzz [NC,OR]
RewriteCond %{HTTP_USER_AGENT} libwhisker [NC,OR]
RewriteCond %{HTTP_USER_AGENT} webshag [NC,OR]
# Acunetix WVS also sends its own request header; it is the last (non-OR) condition in the chain.
RewriteCond %{HTTP:Acunetix-Product} ^WVS
# Any matching request is redirected to the scanner's own loopback address with a 301.
RewriteRule ^.* http://127.0.0.1/ [R=301,L]
</IfModule>

Add the lines above to your website's .htaccess and the scanners listed in them will be blocked.
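As an added illustration that is not part of the original post, the following Python script replays the same User-Agent and Acunetix-Product conditions against constructed sample requests and access-log lines, so you can check offline what the rule set catches and what a scanner with a browser-like User-Agent slips past. The sample log lines and IP addresses are constructed for the example.

```python
import re

# The User-Agent conditions from the .htaccess above as (regex, case_insensitive);
# Apache's [NC] flag is what makes a condition case-insensitive.
UA_RULES = [
    (r"^w3af.sourceforge.net", True),
    (r"dirbuster", True),
    (r"nikto", True),
    (r"SF", False),  # no [NC] in the original: case-sensitive and unanchored
    (r"sqlmap", True),
    (r"fimap", True),
    (r"nessus", True),
    (r"whatweb", True),
    (r"Openvas", True),
    (r"jbrofuzz", True),
    (r"libwhisker", True),
    (r"webshag", True),
]
# The final condition checks a header Acunetix WVS adds rather than the User-Agent.
ACUNETIX_HEADER, ACUNETIX_PATTERN = "Acunetix-Product", r"^WVS"

def is_blocked(headers):
    """True if a request with these headers matches the [OR]-chained conditions."""
    ua = headers.get("User-Agent", "")
    for pattern, nocase in UA_RULES:
        if re.search(pattern, ua, re.IGNORECASE if nocase else 0):
            return True
    return re.search(ACUNETIX_PATTERN, headers.get(ACUNETIX_HEADER, "")) is not None

# Constructed sample lines in Apache "combined" log format; the last quoted
# field is the User-Agent. The last line stands for a scanner using a browser UA.
SAMPLE_LOG = """\
203.0.113.5 - - [10/Oct/2023:13:55:36 +0000] "GET / HTTP/1.1" 200 512 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) Firefox/118.0"
203.0.113.7 - - [10/Oct/2023:13:55:40 +0000] "GET /admin/ HTTP/1.1" 404 221 "-" "sqlmap/1.7 (https://sqlmap.org)"
203.0.113.9 - - [10/Oct/2023:13:55:41 +0000] "GET /login HTTP/1.1" 200 340 "-" "Mozilla/5.0 (compatible; Nikto/2.1.6)"
203.0.113.11 - - [10/Oct/2023:13:55:45 +0000] "GET /?id=1 HTTP/1.1" 200 300 "-" "Mozilla/5.0 (X11; Linux x86_64) Chrome/117.0"
"""

LOG_RE = re.compile(r'^(?P<ip>\S+) .*"(?P<ua>[^"]*)"$')

def blocked_from_log(log_text):
    """Return (ip, user_agent) for each log line the rule set would have redirected."""
    hits = []
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if m and is_blocked({"User-Agent": m.group("ua")}):
            hits.append((m.group("ip"), m.group("ua")))
    return hits
```

Run over your own access log, the same function shows which past requests the rules would have caught; a request that matches none of them is exactly the case the comments below discuss.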

  • Logic

    Most of these scanners give you the ability to choose your own User Agent.

    • thehackerspost

      You are right, but still it's one possible way to protect your website.

      • Don s

        How do you do it? Can it be downloaded?

        • thehackerspost

          Just edit the .htaccess file in the main directory of your Linux hosting server and paste the above code. You are done!

    • xaadi

      yeh

  • me

    Really, I have tested it and it works 100%.

  • Guest

    Hello there, when I block scanners, one of them scans the site and views the vulnerability on the site. What do I do?

  • xaadi

    Hello there, when I block scanners, one of them (Acunetix) scans the site and views the vulnerability on the site. What do I do?

    • thehackerspost

      Have a look at the request headers and analyze the User Agent; if it's different from the normal ones, block that. If this technique doesn't work, then try to locate the IP address the traffic is coming from, and just block that IP! You are done!