Either way I doubt it's valid. SetEnvIf takes a perl style regex, not a
conditional.
will the above do what i THINK it will do?
I'm sorry, I can't read minds. What are you expecting it to do? How do
you expect this to be useful?
WHat you expect it to do and be useful for might be wildly different
than what I understand it to do.
before you start in on your "http user agent is not required http field and also can be spoofed", I know and the machines I want to block identify themselves as AOL (User Agent --> "Mozilla/4.0 (compatible; MSIE 6.0; AOL 9.0; Windows NT 5.0)")
so, I want to block access to those that identify themselves with AOL in the user agent field AND send a head request, that's all. AOL keeps sending 20-30 head requests per second every 2-3 hours from their proxy server (always different servers) for the same GIF image in my site that there's no link on my site to. They don't even request robots.txt to see if they are allowed.
You see what I want to do? I want only AOL to get 401 errors when they access my site and then only when they head my files.
It wouldn't be as bad if they were doing a head on a HTML file, then the server issues data and there MAY be a reason of some kind.
