Blocking malicious user agents
As the saying goes:
"Just because you're not paranoid doesn't mean they aren't after you." –Joseph Heller.
In the web world, hackers are continually scanning your servers and sites regardless of who you are and what sort of site you have. In 99 percent of all instances, they don't care who you are or what your site is; they only want to see how easily they can manipulate it to do what they want.
Even if you're 100 percent sure that your website is secure, you can save a lot of CPU cycles and avoid potential Denial of Service (DoS) attacks by blocking these agents.
How to do it...
The server block contains an if statement, which generally should be avoided, but it's necessary here. Performance-wise, the user agent has to be interrogated on each call anyway, so evaluating the if statement causes no degradation. In the following configuration, we'll drop out the bots we don't want to be...
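As an added illustration of the approach described above (not the book's own configuration), the following sketch assumes the server is NGINX and pairs a map lookup with a single if in the server block. The agent names, server name and document root are constructed placeholders.

```nginx
# Added example, not from the original text.
# http context: classify the User-Agent header once per request.
map $http_user_agent $blocked_agent {
    default             0;
    ~*examplescanner    1;   # constructed placeholder, case-insensitive regex
    ~*badbot            1;   # constructed placeholder
}

server {
    listen 80;
    server_name example.com;   # placeholder

    # "if" is evaluated as false when the variable is empty or "0".
    # A bare return is one of the uses of "if" that behaves predictably.
    if ($blocked_agent) {
        # 444 is NGINX-specific: close the connection without sending
        # a response. The request still appears in the access log
        # with status 444, which keeps blocked traffic visible.
        return 444;
    }

    location / {
        root /var/www/html;   # placeholder
    }
}
```

The User-Agent header is supplied by the client, so this only filters agents that identify themselves; it reduces load from common scanners and is not an access control.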