I just learned this now :-) You can now use the URLScan 3.1 with your own custom rules, and it would come handy in situations like rejecting a request based on the User-Agent string. Below is a sample rule for the same: [Options] RuleList=DenyUserAgent
