IIS htaccess rule converter only importing 1 rule

Question

I have a example .htaccess file (found here) with bad robots to block. Here's a small sample code block from that file:

#bad bots start
#programmed by tab-studio.com public  version 2017.12
#1 new rule every 500 entries
RewriteCond %{HTTP_USER_AGENT} \
12soso|\
192\.comagent|\
1noonbot|\
zuibot|\
zyborg|\
zyte\
 [NC]
RewriteRule .* - [F]
#bad bots end

Basically throwing a 403 on a URL match. I checked this post to see how I can convert these .htaccess rules to a web.config rewrite rule via IIS. When I import the rules however, I get an unexpected result where no rules seem to be converted, see image below. What am I doing wrong?

That converter has its limitations. In most cases you need to manually convert. — Lex Li, Apr 10 '19 at 13:06

score 1 · Accepted Answer · answered Apr 10 '19 at 13:11

1

It's certainly choking on the \ and the carriage return. If you try the following you'll see it should import properly:

#bad bots start
#programmed by tab-studio.com public  version 2017.12
#1 new rule every 500 entries
RewriteCond %{HTTP_USER_AGENT} 12soso|192\.comagent|1noonbot|zuibot|zyborg|zyte
 [NC]
RewriteRule .* - [F]
#bad bots end

Having said that, you might consider looking at using Request Filtering & Scan Headers instead: https://learn.microsoft.com/en-us/iis/configuration/system.webserver/security/requestfiltering/filteringrules/filteringrule/scanheaders/

answered Apr 10 '19 at 13:11

Rich-Lang

469
2
7

Thanks. I assume you're suggesting to use request filters because that blocks requests at an earlier moment than a web.config rewrite rule. Now my example .htaccess rules work on `HTTP_USER_AGENT`, but I see an example for IIS here that uses `User-agent` (https://learn.microsoft.com/en-us/iis/configuration/system.webserver/security/requestfiltering/filteringrules/filteringrule/scanheaders/), is there a difference? – Adam Apr 11 '19 at 14:48
1

Not only does it operate earlier, but RequestFiltering is specifically a security module and has built-in support for explicit Status Code (SubStatusCode) logging when it blocks something. HTTP_USER_AGENT and User-Agent will be the same thing. HTTP_ is how systems reference the data as an HTTP Header, but ultimately is just a copy of the value in the actual HTTP Header. Under the covers they are both checking the same thing. – Rich-Lang Apr 11 '19 at 14:52

IIS htaccess rule converter only importing 1 rule

1 Answers1

Linked