: How does one block unsupported web browsers? Web browsers with an end of life no longer receive security updates which not only makes them vulnerable to the end user, but I imagine its not

@Pope3001725

A user with an insecure browser cannot harm a server. It's the other way around.

And now....

No! No! No! No! No! Never block a browser!

If you build a site using Progressive Enhancement you can support every browser regardless of functional capabilities. A well-built website will be usable and accessible without CSS, JavaScript, and images. It may not look pretty and may not be as pleasant of an experience, but the content is still reachable. Then users who do support newer browser functionality will get an enhanced experience. It's quicker and easier to do then most web developers think.

If for some reason you need to identify a browser never use user agents to identify them. They are easily spoofed and unreliable. Use feature detection instead.

A nice side effect of this is your website will be be search engine optimized as well since they are essentially as capable as Netscape and MSIE 2.0.

Vote Up Vote Down

@Phylliss660

Please refer to this for a near-comprehensive list of browsers and their user-agents.

You can edit your Apache config or make a .htaccess file with this in it to block those specific user-agents, or the browsers you don't want to visit:
#redirect those user agents to another page.
RewriteEngine on
RewriteCond %{HTTP_USER_AGENT} ^useragent-string1 [OR]
RewriteCond %{HTTP_USER_AGENT} ^useragent-string2 [OR]
RewriteCond %{HTTP_USER_AGENT} ^useragent-string3
RewriteRule ^(.*)$ path.to.your/error/page.html

To quote you: "I'm aware that the practice can be custom built with User Agent parsing and feature detection for HTML5 enabled browsers." Why would you want to block browsers that support HTML5, since those are generally the more modern and secure browsers?

Vote Up Vote Down