This project is not covered by Drupal’s security advisory policy.

HTTP Reject admin interface

The http_reject module looks at the HTTP request being sent to your Drupal instance and will reject it if set criteria are met.

The goal is to allow users to configure their Drupal installations to reject HTTP requests from such things as FrontPage or a WebDAV client early on in the bootstrap process, so the site uses fewer resources and the watchdog logs aren't spammed with useless request entries.

If possible, this should in fact be done in .htaccess or the web server configuration files, but not all users have access to those.

Versions 6.x-2.x and 7.x-1.x also allow you to reject access early-on based on IP (v4 and v6) address and user-agent matching. This module is not compatible with aggressive caching and possibly also not with proxies such as Varnish.

Supporting organizations: 

Project Information