737simpilot
commented
4 years ago I also think the UA needs to change because I block this UA in CloudFlare and it's used for shenanigans. There's no way I'm allowing it.
Open theel0ja opened 5 years ago
737simpilot
commented
4 years ago I also think the UA needs to change because I block this UA in CloudFlare and it's used for shenanigans. There's no way I'm allowing it.
borisceranic
commented
3 years ago I'm having exactly the same problem. I can't allow traffic that looks like this through the firewall.
Heck, even disregarding the user agent string and allowing the traffic based on the agent's IP address for initial HSTS preload checks, the IP address might change in future.
Ideally, a change of user agent string is also complemented by introducing a set of verifiable DNS names visible in reverse and forward IP address lookups of the agent (similar to how Google Bot can be reliably recognised).
nharper
commented
3 years ago This appears to be a duplicate of https://github.com/chromium/hstspreload/issues/107.
Currently, it seems to be
Go-http-client/2.0which doesn't tell the purpose for the request.For example SSL Labs test sends
SSL Labs https://www.ssllabs.com/about/assessment.html)as user-agent.