Messages

286

Getty Images Letter Forum / Re: off topic thread for the tech geeks (Lucia)

« on: January 24, 2013, 08:32:29 AM »

There are lots of twitterbots too; I think their goal is advertizing/seo for their customers (not the site visited).  If you post a link to twitter, a swarm comes and it comes instantaneously.   Because my site is only a blog  I ban most of those too.  Eli probably should too (though I don't think anyone is tweeting ELI's address much. But if it does, most twitter bots are useless.  A few might be useful-- someone could let them in and block the others.)

287

Getty Images Letter Forum / Re: off topic thread for the tech geeks (Lucia)

« on: January 23, 2013, 09:55:23 PM »

ZBblock can be made to work for with *anything* that uses php.  The ELI forums uses SMF which is a php script.  So, with respect to the forum, ZBBlock would do a great job keeping crawlers off. Reading the killed_log.txt files could also help Robert & Matt identify "things" they might want to block in .htaccess (which is for Apache).

Zbblock doesn't protect static files (unless you do really fancy stuff). So, for that, those on Apache can use .htaccess, or some sort of firewall. (I end up using Cloudflare as my "firewall".)

 I don't know anything about how to protect servers using software that doesn't permit you to use .htaccess.  But *in principle* you might be able to do a lot of stuff with .htaccess you can do with ZBblock-- but ZBblock is easier because Zaphod already wrote it, updates &etc.  ZBblock may also be faster and it permits you to come up with quite a few "tailored" rules if you so desire.   

Are you trying to protect anything dynamic? (A blog? Shopping cart? Etc.)

288

Getty Images Letter Forum / Re: off topic thread for the tech geeks (Lucia)

« on: January 23, 2013, 12:36:14 PM »

http://www.spambotsecurity.com/forum/search.php?keywords=Brandwatch&terms=all&author=&sc=1&sf=all&sk=t&sd=d&sr=posts&st=0&ch=300&t=0&submit=Search

289

Getty Images Letter Forum / Re: off topic thread for the tech geeks (Lucia)

« on: January 23, 2013, 12:30:00 PM »

Carnac predicts: They will violate robots.txt.

290

Getty Images Letter Forum / Re: off topic thread for the tech geeks (Lucia)

« on: January 23, 2013, 12:17:21 PM »

Since moving the ELI site to new servers and working on bugs, glitches and other items, I had the opportunity to have a look at the log files and made a couple of discoveries of interest..

Something somewhere was triggering mod-security to block IP's, the last issue I looked into led to the discovery of 46 alerts triggered! yes 46 different alert strings! I immediately suspected some sort of bot, crawler or scraper. As it turns out a crawler named "magpie crawler" was hammering the server relentlessly.

Yep.  Been there. Seen that.

magpie is blocked by default with ZBblock. It's really worth adding ZBblock that to the front end of the SMF which uses php.  That will block a bunch of other seo bots.

some quick research told me that magpie crawler is owned and operated by a company named "Brandwatch" and there are plenty of google entries slamming them for being "bad bots" and sucking away bandwidth like crazy..

Yep. These are the sorts of things that need to be blocked.  After I saw the image crawlers racing, I watched more and realized that there is just to much c*ap stuff out there that does your site no good, and needs to be blocked. As far as positive SEO: Google, and maybe bing are worth letting in.  Most other SEO exist for "research" (i.e. party A reads your site "B" to sell information to site C.  There is nothing positive in it for "site B".  )

Don't be surprised is someone from Brandwatch appears in this thread, apologizing and justifying their bots behavior, it is their typical MO. At this time they "claim" they adhere to robots.txt, I have my doubts, they will be monitored closely, and worst case they will get their IP range blocked from ELI.

Don't even wait. Just block them. I advise getting ZBblock http://www.spambotsecurity.com/zbblock_download.php  It's pretty easy to use-- and you'll be glad you do.  Zaphod has pretty good directions to install the thing and once it's installed, for most CMS's you add 1 line to the top of a php file. (For Wordpress it's the config.php or something like that.)

If you use that, you'll block all sorts of other things: majestic12, 80 legs, mobsters in Russia, a fair amount of spambots.  I'm enough up to speed that I can suggest custom things if you need quick help.

This can be in addition to any blocking you do at your router.   (I'm on shared hosting... so ZBblock is a big thing for me. I now use Cloudflare as a CDN and automatically transfer blocks so they happen at Cloudflare. That's great too.  But I think since you have control of the server you don't necessarily need to have the Cloudflare bit. )

FWIW: If you end up using ZBblock, I'm going to ask you to let me read your killed_log.txt files.  I want more data!!

291

Getty Images Letter Forum / Re: Received a Letter from Masterfile

« on: January 22, 2013, 03:01:37 PM »

I'm not certain, but I think you should not dissolve the LLC until after consulting someone about the copyright issue.  While the LLC exists, I think Masterfile has to sue the LLC. Afterwards.... I don't know. It might be permitted to sue you.  Oscar and the business types will know.

292

Getty Images Letter Forum / Re: Very Pissed Off - Payback time

« on: January 19, 2013, 09:27:48 AM »

Ok....I'm on pins and needles!

293

Getty Images Letter Forum / Re: We are the latest victim of the Getty Image extortion scam

« on: January 14, 2013, 07:27:27 PM »

3) Make a reasonable offer of 50 -200 dollars.
[...]
It doesn't really matter if it's hotlinked, they'll bug you regardless, but still can't do anything without the copyrights.

Sure it does. Because if it's hotlinked you don't offer zero ($) and you are done.  They may write back-- but you reitterate that it was hotlinked and will send zero.   In contrast, if it was not hotlinked, you offer something-- making your offer contingent on them proving they have a contract from the copyright holder and that a copyright registration of some sort has been filed.

294

Getty Images Letter Forum / Re: We are the latest victim of the Getty Image extortion scam

« on: January 14, 2013, 04:30:45 PM »

At least she didn't send the letter!

The sad fact is that most letter recipients inclination is to do what you would do in "normal" life when you might have accidentally done something that might be wrong /obnoxious / etc. but has caused no real tangible damage to anyone. That is: Admit and apologize.  In real life, this is often what "works" for many reasons among them that the other person says: Ok.  That's fine it's over now. 

The problem is that Getty is generating these letters to make money.

Anyway, many of us would have rewritten our first letter which quite often we wrote too soon and admitted too much. I -- for example-- regret telling them the site I was hotlinking from. I wish I had merely said I hotlinked and kept the proof of hotlinking in my own files. I knew I had that proof. Having that would have been sufficient to show I did not violate copyright had they sued me. I didn't really need to prove my case to them to the extent that I did and I wish I had not volunteered that URL. (If they already knew it-- fine. But I suspect they did not. )

Many of us are pleased with our second letter.

295

Getty Images Letter Forum / Re: We are the latest victim of the Getty Image extortion scam

« on: January 14, 2013, 02:54:13 PM »

It might be helpful in many cases if we had a "guide" or "faq" that explained the process of dealing with trolls.

One difficulty is that it would end up long. For example: First step should always be: figure out if you hotlinked. If your site is in the US and you hotlinked, use lucia's letter.  If you didn't hotlink, move on to Greg's. But you still need to learn other stuff-- because -- at least hypothetically-- someone might have copied an image that is actually valuable and was individually registered and isn't plastered all over every free wall paper site from here to Timbucktu.  And notice we have one case that's a photograph of a book cover? And another was a claim because a portion of the image supposedly matched clouds in another image? 

How do you make a faq?  Plus-- also hypothetically-- things could change. Getty might start getting their photographers to register and so on.

296

Getty Images Letter Forum / Re: We are the latest victim of the Getty Image extortion scam

« on: January 13, 2013, 10:49:19 PM »

Sandy,
Troy's 2nd letter is a good one in your circumstances. (Had you hotlinked, I'd show you my letter. )

Now, let me explain my questions to you in context of what he requested from Getty. First: It is my view that before writing the letter it's worth having an *idea* what the answers are likely to be. Nevertheless, you still ask them. Now look at what Troy asked for:

I need

1)to see verification that the image was filed with the U.S. Copyright Office
2) Verification that the copyright is either for the individual image or a group of images.
3) I need a copy of the signed contract, assignment or other documentation between Getty Imagesand the artist transferring copyright and giving you exclusive rights to the image as you havestated in your letter.
4) Sales history and records of this image and prices received for the image

Let's look at each thing:
1)to see verification that the image was filed with the U.S. Copyright Office

Notice that *I* looked at the US copyright office for you. I  had difficulty finding anything with this photographer's name. At. All.  Of course, my ability might be imperfect, but this already suggests that there is a pretty good chance the image has not been properly registered. I can't guarantee it. You might want to get another friend to search the copyright office. But... I didn't find it.

2) Verification that the copyright is either for the individual image or a group of images.

Notice I speculated on this the "group" issue.  I didn't find individual or group images.  Even group images need to list the photographers name. So I *think* that should have come up if it was registered in a group. But-- I could be wrong.

3) I need a copy of the signed contract, assignment or other documentation between Getty Images and the artist transferring copyright and giving you exclusive rights to the image as you have stated in your letter.

I didn't discuss this yet. But it's worth requesting. Getty will likely refuse. But the fact is, it's a valid to request they prove they have standing to represent the photographer.  They have, in the past operated with some "online" contracts that did not have proper signatures. So they may  not have standing to sue. If so... while the copyright holder could sue you, Getty has no standing. (That doesn't mean they can't be stoooopid enough to sue. But they would lose. And in copyright, if they lose, you can make them pay your legal fees. So, this discourages then from the stupidest of suits-- especially when the issue involves only 1 image.)


4) Sales history and records of this image and prices received for the image

If the image is not properly registered, the copyright holder or the appropriate designated party can still sue-- and win. But they have to prove the value of that image based on actual sales. Notice I commented that that picture is hardly that photographers best work?  Looking at it, do you think anyone would pay much for that picture? I bet there have been no sales -- zero. This isn't exactly one of the "getty images" of a celebrity star (e.g. Angelina Jolie) or a particularly dramatic shot of something that happened at the Super Bowl etc. If you'd used one of those, Getty could probably show plenty of actual sales (and it would likely be individually registered.)  But... that's not what we have here. Right?

So: based on looking at the sales record, this looks (to me) like one of the getty letters where
a) The image *likely* has no copyright registration or a flawed one.
b) The image *likely* has little commercial value.

In this context, it's worth finding the price of "similar" images of ladders and seeing what other places charge.  Write a letter similar to Troys (but not identical) and send that off.  Tell them the image is removed *as a courtesy*. Do not say anything about your business.  You can mention that your site has very little traffic. (This matters if later some fair use issue comes up.)  Avoid explaining you found the thing on Google.

The point is not to beg for their mercy. They are not a jury. They are not a judge.  You are negotiating.  And reality, it appears your position appears relatively strong in the sense that if they did sue they quite likely wouldn't recover. But if you copied it can be useful to *offer something*--- as Troy did.  But make any offer contingent on them providing you proof the image is registered individually and they have a contract with the copyright holder. After all: Why should you pay someone who does not have a right to collect any fee?

297

Getty Images Letter Forum / Re: We are the latest victim of the Getty Image extortion scam

« on: January 13, 2013, 05:31:53 PM »

I could register a photo under some other name?  Sandy Jean Smith?
If it was registered as Sandy Jean Smith, it should still show up on a search for Sandy Smith.   There can be issues if photos were taken as "works for hire". But I think if the photographer is Sandy Jean Smith, that name should still show as the creator/photographer/author etc. The owner might be someone else.

298

Getty Images Letter Forum / Re: We are the latest victim of the Getty Image extortion scam

« on: January 13, 2013, 05:29:49 PM »

Sandy--
First: I think if the photographer registered individually, it would be registered under his name. I found no such record-- but that could be my lack of competence. (Still... it's just a name and keyword search. So.. looks like zip.)

I'd like to elaborate:  The point of looking things up is to figure out what "the worst that could happen" is if Getty sued (which they probably won't for 1 image and so on.)   It's also figuring out what you will want to put in a letter when you write Getty (which need not be extremely soon. But it would likely be good to write them within a few weeks.)

FWIW: I got a letter Thanksgiving weekend 2011. For me, knowing the worst that could happen is helpful for deciding how to go forward.

On this front, it's worth knowing whether something about your case has a feature that could drastically limit what Getty could possible gain by suing you (and likewise, what you could lose.) Obviously, if they can't gain anything, and you can barely lose anything, that gives you a lot of breathing room when negotiating for any sort of settlement.  (You did copy-- so I think generally Oscar advises offering a reasonable settlement. But your idea of reasonable and Getty's are likely not to align too well. And obviously, you wouldn't want to know what the image is actually worth before offering anything. Some images are worth a lot. Others... on... $5 for a lifetime license is probably generous!)

There are generally multiple issues that would limit how much Getty could *possibly* win-- and that limits how much you could possibly be held liable for.   How much Getty could win (if they sued-- which they almost never do) is affected by whether the copyright was formally registered and also whether the registration is done properly.  In the past (and possibly even now) Getty and other stock companies have tried to use "mass registration" where they will registered hundreds or thousands of images as a "collection".  This makes the registration -- such as it is-- hard to locate.

But beyond being hard to locate, registering as a "collection" those registrations often have flaws (like being organized in ways that make it difficult to tell which images were intended to be contained in the collection, figuring out who the photographer is for each image and so on.)

There has been a lot of discussion at this site about the manner in which things are registered. It's not clear registration as a collection will be interpreted as being a valid registration for an individual image if Getty were to sue you  for using an individual image (which they probably won't. Part of the reason the probably won't is precisely that they know that courts might deem their registration flawed because its registered as "a collection" and not an image).  Tentatively-- it looks like that image might either not be registered at all or registered as "a collection" and not individually.  We need to firm this up a bit-- it really does help to find the 'registration' so we know. But I haven't found the registration for the collection. It does help to find that when we can!

Note that the photographer works in the UK.  I have no idea what might happen if it's registered in the UK. Oscar quite likely will know though.  If registration in the UK "counts" we'll have to figure out how to look into that.

For now: Some further hunting is required. But one thing you are going to want to do is make a list of things that you will eventually put in your letter to getty. One of those things will be requesting they supply you the copyright registration information so you can verify the image is copyrighted. (They will almost certainly refuse to give this to you. You still ask for it. )

As for tidbits of information: I'm partly posting because other readers might know how to find things better. The collections... can be difficult!

299

Getty Images Letter Forum / Re: We are the latest victim of the Getty Image extortion scam

« on: January 13, 2013, 03:54:00 PM »

Ok..
I searched for both Peter Cade (photographer) and Iconinca (collection) here: http://cocatalog.loc.gov/cgi-bin/Pwebrecon.cgi?DB=local&PAGE=First    I didn't find anything promising.  That doesn't mean it's not registered-- it could be registered under "getty" or something.  But it suggests it might not be individual registered.

The photographer himself seems to have been in business for 15 years.  ( http://www.petercadephotography.co.uk/pcphnewabout.html )  Many of the photographs on display at his site are considerably more attractive than that one.

Others can see if they can find the registration. (Not being registered would be in your favor. )

Photographer:    Peter Cade
Collection:    Iconica
Credit:    Peter Cade

300

Getty Images Letter Forum / Re: Latest image scraper – a troll by any other name

« on: January 11, 2013, 10:09:11 PM »

Speaking of which, I've gone to using ZBblock to ban things.  (I do special "odd" things for images" because ZBblock only protects '.php' files. Some requests for images are redirected to a php file.)  But the 'custom' user agents I block are discernable in this bit of code:

Code: [Select]

<?php
# require_once("CookieChecks.php");
#echo("<b>useragent checks");
function CustomUserAgentCheck($useragent){
global $thishost, $ax, $whyblockout, $whyblockout2; 
global $requesturi, $lcrequesturi, $lcrequesturisws, $lcrequesturisws, $address; 
$ax_start=$ax;
$lcuseragent=strtolower($useragent);
$lcuseragentsws=preg_replace('/\s+/','',$lcuseragent);
$lcuseragentsws=preg_replace("/[^\x9\xA\xD\x20-\x7F]/",'',$lcuseragentsws);

$whyblockout2 .= "(check ua)";

$bad_UA="(psbot|picsearch|vlc|htmlparser|playstation|pixray|pix|picscout|pics|pict|phantom|copy|getty|tineye|wesee.|digimarc|bitvo|nsplayer|thumbnail|screenshot|snapshot|sindice|luminate|fyber|cydral|doubanbot|webcollage|rganalytics|shot|snappreviewbot|version: xxxx|muso.com|musobot|photon| brandprotect)";
$reason_stub=" Image user agent.  "; #
pregMatchTest( $bad_UA, $lcuseragent, $reason_stub, $insta=" INSTA-BAN. ");
# -------- --------   -------- --------  -------- --------   -------- -------- 

$bad_UA="(mShots|TraumaCadX|BPImageWalker|ImageProHD|WikioImagesBot|3.01 PBWF (Win95)|Corp_Device_User|CoverScout|ImageProHD|WikioImagesBot|nsplayer|J-BRW)";
$reason_stub=" Image user agent.  "; #
pregMatchTest( $bad_UA, $useragent, $reason_stub, $insta=" INSTA-BAN. ");
# -------- --------   -------- --------  -------- --------   -------- -------- 

$bad_UA="(crowsnest|grepnetstat|inagist.com|js-kit|scraper|seo|warebay|whowhere|www-mechanize|intelium|magpie|patchone.se|scanner|riverglass|parser|funnelback)"; # RiverglassScanner
$reason_stub=" Scraper, snoop, or seo user agent.  "; #
pregMatchTest( $bad_UA, $lcuseragent, $reason_stub, $insta=" INSTA-BAN. ");
# -------- --------   -------- --------  -------- --------   -------- -------- 

$bad_UA="(DDDDDD|000000|Spinn3r|spinn3r|rcMQUxf|B55|Weiterleitung|Baurat.de)";
$reason_stub=" Suspected anonymizer user agent.  "; #
pregMatchTest( $bad_UA, $useragent, $reason_stub, $insta=" INSTA-BAN. ");

# maybe these could be permitted to leave pings-- if I can figure out how those are left. 
$bad_UA="(Synapse|coccoc.vn|metauri|q0\.com|lynx|libwww|EAK01AG9|crawlerj|parsijoo)";
$reason_stub=" Suspected bot user agent. Snoop/Scrape/useless search etc."; #
pregMatchTest( $bad_UA, $useragent, $reason_stub, $insta=" INSTA-BAN. ");

# -------- --------   -------- --------  -------- --------   -------- -------- 

# include voracious, seo, subscription in subscription reputation management,mystery etc.
# try adding info FunWebProducts Http. break words in   ProxiNet links (check logs. does apache leave linx or links?) 
# Experimental SNAPSHOT
# Catalog UnwindFetchor akarta Commons-HttpClient/3.1 Peeplo Screenshot Bot Phantom.js bot PycURL/7.19.7 MonTools.com   artviper(tm) RankFlex.com  Jigsaw/2.2.5 W3C_CSS_Validator_JFouffa/2.0 Y!J; for robot study; keyoshid store tweet twitter archive , Links2Go Similarity Engine , WebCapture  W3C_Validator/1.3 bdcindexer_2.6.2 (research@bdc) 192.comAgent Aberja Checkomat ntelliseek HyperixScoop spam  , Exalead NG/MimeLive Client (convert/http/0.120),  Lotus-Notes/5.0 CloakDetect  DeepIndex Data DataFountains/DMOZ Downloader Robots.txt finder


# I shoud change it to self identify. They hit knitting haiku. Might hit.... uhmmm bannasties? The test blog? Need to find that. 
# lots of crap at google appid.  I suspect I don't want to permit anything from '
# google appid other than hitting feed.

$bad_UA="( 008/|80legs|2dayhost.com|aboundex|acoon|ahrefs|aihit|\(alpha\)|baidu|binlar|bixo|ccbot|checker|chilkat|clipish|cmsworldmap|coomnet|crowsnest|cuasar|digital alphaserver|crack|dataprovider|daumoa|detect|download|fairshare|fark.com|find|freewebmonitoring|fyber|gomez|govid.mobi|inagist|indexer|ips-agent|lead|linkalarm|linkbutler|linksleuth|linkcheck|linkfluence|linkdex|lumin|mj12|majestic|metamoji|missing|mojeek|monitoring|mozilla/0.91 beta|netseer|null|openindex|panopta|panscient|peerindex|pipl|portalimage|postrank|proximic|radian6|reverseget.com|seek|seo|searchme|siclab|scraper|shop|sistrix|showsiteinf|scoop|sniffer|spinn3r|super-goo|trendiction|thunderstone|tweet|unisterbot|unmask-parasites|urlchecker|wasalive|whatweb|whitehat|webinator|whowhere|wotbox|wada.vn|yacy|whatweb|wholinks|wikimpress|wocodi|yanga|@somewhere|info.netcraft.com|dom2dom|tenderlove/mechanize|edition yx|socialayer|linkjumper|coldfusion|abonti|genieo.|getfavicon|mrchrome|unwind|lucene|solr|drup|webmastercoffee)";
## web-sniffer| 

$reason_stub=" Subscription crawler service or crawler user agent.  "; #
pregMatchTest( $bad_UA, $lcuseragent, $reason_stub, $insta=" INSTA-BAN. ");


if(!inmatch($lcuseragent,'pubsubhubbub',"") && !inmatch($lcuseragent,'s~feedly-social',"")  ){
$reason_stub=" Unauthorized google app. If you would like approval for this google ap, contact me so I can whitelist it.  "; #
$bad_UA="(appid:)";
pregMatchTest( $bad_UA, $lcuseragent, $reason_stub, $insta=" ");
}
# -------- --------   -------- --------  -------- --------   -------- -------- 
# my crons send this: Links (2.1pre37; Linux 3.1.9-vs2.3.2.5 x86_64)  unless I change it.

if($_SERVER['REMOTE_ADDR']!= $_SERVER['SERVER_ADDR']){  
$bad_UA="(link)";
$reason_stub=" Link hunting ua  "; #
pregMatchTest( $bad_UA, $useragent, $reason_stub, $insta=" INSTA-BAN. ");
} 

if(!inmatch($useragent ,"The Incutio XML-RPC PHP Library","") && !inmatch($useragent ,"FirePHP/","") ){
$bad_UA="(java|ruby|pear.php|http_|nutch|drupal|curl|start.exe|wget|dataprovider|php|metauri|simbar)";
$reason_stub=" Programming language, utillity or weird extension.  "; #
pregMatchTest( $bad_UA, $lcuseragent, $reason_stub, $insta=" INSTA-BAN. ");
}
# -------- --------   -------- --------  -------- --------   -------- -------- 

$bad_UA="(Butterfly|Curious George|DonkeyBot|EventGuruBot|EventMachine|Google/1.0|MaMa CaSpEr|IlTrovatore-Setaccio|Microsoft-WebDAV-MiniRedir|MSIECrawler|NerdByNature|PHP/SMF|Semantic|SymantecSpider|Searcharoo|SiteIntel|T-H-U-N-D-E-R-S-T-O-N-E|Trystero|Ukonline|Vagabondo|WWW-Mechanize|XML-RPC.NET|Voila|ELNSB50|bltformac| YE |boardreader|SIMBAR|Zend_Http_Client)";

$reason_stub=" User agent I just do not trust.   "; #
pregMatchTest( $bad_UA, $useragent, $reason_stub, $insta=" INSTA-BAN. ");
# -------- --------   -------- --------  -------- --------   -------- -------- 

# archaic or just badly behaved
# I think I can add ^Mozilla/4.0$
$bad_UA="(Mozilla/0.6 Beta|Mozilla/4.0 \(compatible; ICS\)|^Mozilla/4.0$)"; 
$reason_stub=" Archaic user agent or obnoxious prefetcher. "; #
pregMatchTest( $bad_UA, $useragent, $reason_stub, $insta=" INSTA-BAN. ");


$bad_UA="(0000|DDDDD)";
$reason_stub=" Anonymizing user agent. "; #
pregMatchTest( $bad_UA, $useragent, $reason_stub, $insta=" INSTA-BAN. ");

# -------- --------   -------- --------  -------- --------   -------- -------- 
$bad_UA="(@alexa.com|archive|heritrix|internetmemory|Svenska-webbsidor)"; # archive bot based on heritrix
$reason_stub=" Archivers like wayback, foreign wayback etc. "; #
pregMatchTest( $bad_UA, $useragent, $reason_stub, $insta=" INSTA-BAN. ");

# -------- --------   -------- --------  -------- --------   -------- -------- 
 $bad_UA="(super-goo|siclab|yodao)";
$reason_stub=" Foreign language do not bring traffic user agent.  "; #
pregMatchTest( $bad_UA, $useragent, $reason_stub, $insta=" INSTA-BAN. ");

 $bad_UA="(\.asp|\.bbs|\.dll|\.exe|\.svn)"; #

$reason_stub=" Does not exist.  "; #
pregMatchTest( $bad_UA, $useragent, $reason_stub, $insta=" INSTA-BAN.  ua ");


# echo("<center><br> Done with UA  checks. </center>");
unset ($bad_UA );

#if(strlen($useragent)<4 && !rmatch($requesturi,"/BanNasties/recieveZBBlock.php","") ){ $ax++; $whyblockout=" Blank user agent. INSTA-BAN. "; }

$ax += rmatch($useragent,"YI","Suspected hacktool (UA-142). "); //71
$ax += rmatch($useragent,"YE","Suspected hacktool (UA-142). "); //71


# ------------no idea.. but I don't trust. ------------------- '


$ax = $ax + (inmatch($useragent,"IlTrovatore-Setaccio","; not search engine bot?  Nasty. ")); #  

$ax = $ax + (inmatch($lcuseragent,"cis455crawler","; is455crawler mystery bot with no web page.  Nasty. ")); //


$ax = $ax + (inmatch($useragent,"OpenCalaisSemanticProxy","; OpenCalaisSemanticProxy  Nasty.  ")); //
$ax = $ax + (inmatch($useragent,"Spider.exe","; DLE_Spider.exe   Nasty. ")); //

# gigablast spider

if($address != '64.22.106.82'){
$ax = $ax + (inmatch($useragent,"gigablast.com","; spoofing gigablast spider. INSTA-BAN.  ")); // 

}

if($ax_start<$ax){$whyblockout2 .= "(ua_cust)";}

return;
}
?>
For reverence $lcuseragent is the lower case user agent.
$useragent is the useragent. Pregmatch sees whether anything in that '|' separated list is a match and anything with $ax>1 is banned. 

If you use htaccess, you can discern the useragents and ban them.  I also block all agents that ZBblock bans by default.   As you can see, BPImageWalker identified as  "Image User agent".  There are more. . .