Webhook User Agent

The User Agent String used by Twitch’s Webhook system appears to be “Go-http-client/1.1”. More and more frequently, “Go-http-client” in user agent strings is starting to be blocked by services and servers, as many crawlers and vulnerability scanners use the same agent. I am aware that user-agent-based blocking is incredibly stupid to begin with, but would it be possible to use a more unique, descriptive agent string? Something maybe relevant to the fact it’s a Webhook, or from Twitch, or both?

Whist I agree a user agent more description would be nice.

Surely you control what goes thru your security to hit your endpoints. So conceptually it’s a moot point, becuase you can configure security according to your needs. And if you can’t control/configure that, then you should consider alternative services imo.

And an attacker is just gonna use the known/documented Twitch Webhook User Agent when they want to attack anyway.

Unfortunately, when using a webhost service, it’s their security, not your security. Because the world’s not complete with more stupid all around. :roll_eyes:

I have, in my case, contacted my host and opened a ticket, but it being a weekend and a holiday on top of that…