Code: Select all
use LWP::UserAgent;
my $ua = new LWP::UserAgent;
my $orderProcessor = "$main::gScriptsPathUrl/ProcessOrder.pl" ;
my $request = new HTTP::Request('POST', $orderProcessor) ;
$request->content_type('application/x-www-form-urlencoded');
$request->content($encodedQueryString) ;
$ua->timeout(20) ; # 20 second timeout
my $response = $ua->request($request);
Code: Select all
$ua->agent("Mozilla/5.0 (Macintosh; Intel Mac OS X 10.9; rv:30.0) Gecko/20100101 Firefox/30.0") ;
Code: Select all
ModSecurity: Access denied with code 403 (phase 2). Match of "rx (^w3c-|systran\\\\))" against "REQUEST_HEADERS:User-Agent" required. [file "/usr/local/apache/conf/modsec_rules/20_asl_useragents.conf"] [line "147"] [id "330039"] [rev "4"] [msg "Atomicorp.com WAF Rules: Suspicious Unusual User Agent (libwww-perl). Disable this rule if you use libwww-perl. "] [severity "CRITICAL"] [hostname "sheepsystems.com"] [uri "/cgi-bin/test/ProcessOrder.pl"] [unique_id "U87-V0VJqJ8AAGWTKqkAAAAH"]
I think that modifying my "calling" script to use a different user agent, as I have, is a good workaround, but spoofing Firefox 30.0 is a kludge. Is there a good, future-proof User Agent string? What if I just made up my own User Agent string, "Jerry 1.0"? Is that a good idea?
Thanks,
Jerry Krinock