Libwww-perl (LWP) is a WWW client/server library for perl which can be used by hackers, spammers or automated bots to attack a website to steal information so we need to apply security to our web application to eliminate many simpler attacks on the website.
In order to fix this issue in an ASP.NET web application we can use the following code. Add the code in Application_BeginRequest method of Global.asax file in your web application
protected void Application_BeginRequest(object sender, EventArgs e)
{
string userAgent = HttpContext.Current.Request.ServerVariables["HTTP_USER_AGENT"];
if (!string.IsNullOrEmpty(userAgent))
{
if ("Libwww-perl".ToLower().Equals(userAgent.ToLower()))
{
Send403(Response);
}
}
}
internal void Send403(HttpResponse response)
{
SendResponse(response, 0x193, "403 FORBIDDEN");
}
internal void SendResponse(HttpResponse response, int code, string strBody)
{
HttpContext current = HttpContext.Current;
object obj2 = current.Items["ResponseEnded"];
if ((obj2 == null) || !((bool)obj2))
{
current.Items["ResponseEnded"] = true;
response.StatusCode = code;
response.Clear();
if (strBody != null)
{
response.Write(strBody);
}
response.End();
}
}
Another option is to disallow Libwww-perl user agent in robots.txt
User-agent: Libwww-perl Disallow: / User-agent:* Disallow: