: How does one block unsupported web browsers? Web browsers with an end of life no longer receive security updates which not only makes them vulnerable to the end user, but I imagine its not
Web browsers with an end of life no longer receive security updates which not only makes them vulnerable to the end user, but I imagine its not safe for the server's which receive visits by them either.
Is it practical to block or enforce and notify the end user that their browser is unsafe and unsupported? If so, how would one achieve that? I don't know of any official or crowd-sourced listing with that information to parse and keep up to date. I'm aware that the practice can be custom built with User Agent parsing and feature detection for HTML5 enabled browsers.
More posts by @RJPawlick198
2 Comments
Sorted by latest first Latest Oldest Best
A user with an insecure browser cannot harm a server. It's the other way around.
And now....
No! No! No! No! No! Never block a browser!
If you build a site using Progressive Enhancement you can support every browser regardless of functional capabilities. A well-built website will be usable and accessible without CSS, JavaScript, and images. It may not look pretty and may not be as pleasant of an experience, but the content is still reachable. Then users who do support newer browser functionality will get an enhanced experience. It's quicker and easier to do then most web developers think.
If for some reason you need to identify a browser never use user agents to identify them. They are easily spoofed and unreliable. Use feature detection instead.
A nice side effect of this is your website will be be search engine optimized as well since they are essentially as capable as Netscape and MSIE 2.0.
Please refer to this for a near-comprehensive list of browsers and their user-agents.
You can edit your Apache config or make a .htaccess file with this in it to block those specific user-agents, or the browsers you don't want to visit:
#redirect those user agents to another page.
RewriteEngine on
RewriteCond %{HTTP_USER_AGENT} ^useragent-string1 [OR]
RewriteCond %{HTTP_USER_AGENT} ^useragent-string2 [OR]
RewriteCond %{HTTP_USER_AGENT} ^useragent-string3
RewriteRule ^(.*)$ path.to.your/error/page.html
To quote you: "I'm aware that the practice can be custom built with User Agent parsing and feature detection for HTML5 enabled browsers." Why would you want to block browsers that support HTML5, since those are generally the more modern and secure browsers?
Terms of Use Create Support ticket Your support tickets Stock Market News! © vmapp.org2024 All Rights reserved.