diff --git a/modules/security/bot-analyzer.sh b/modules/security/bot-analyzer.sh
index d031297..24b4478 100755
--- a/modules/security/bot-analyzer.sh
+++ b/modules/security/bot-analyzer.sh
@@ -1563,16 +1563,20 @@ generate_report() {
     fi
 
     echo ""
-    echo "# User-Agent blocking (add to .htaccess):"
-    echo "SetEnvIfNoCase User-Agent \"nikto|nmap|masscan|sqlmap|havij\" bad_bot"
-    echo "SetEnvIfNoCase User-Agent \"acunetix|nessus|burp|metasploit\" bad_bot"
+    echo "# cPanel User-Agent blocking (add to /etc/apache2/conf.d/includes/pre_main_global.conf):"
     echo ""
-    echo "# Optional: Block aggressive SEO bots"
-    echo "# SetEnvIfNoCase User-Agent \"AhrefsBot|SemrushBot|MJ12bot|DotBot\" bad_bot"
+    echo "<IfModule mod_rewrite.c>"
+    echo "    RewriteEngine On"
+    echo "    RewriteCond %{HTTP_USER_AGENT} \"(nikto|nmap|masscan|sqlmap|havij|acunetix|nessus|burp|metasploit)\" [NC]"
+    echo "    RewriteRule ^ - [F,L]"
+    echo "</IfModule>"
     echo ""
-    echo "Order Allow,Deny"
-    echo "Allow from all"
-    echo "Deny from env=bad_bot"
+    echo "# Optional: Block aggressive SEO bots (uncomment to enable)"
+    echo "# <IfModule mod_rewrite.c>"
+    echo "#     RewriteEngine On"
+    echo "#     RewriteCond %{HTTP_USER_AGENT} \"(AhrefsBot|SemrushBot|MJ12bot|DotBot|Meta-ExternalAgent|Go-http-client)\" [NC]"
+    echo "#     RewriteRule ^ - [F,L]"
+    echo "# </IfModule>"
 
     echo ""
     echo "# CSF/iptables format:"