Hi Mariusz,
yes, you should be looking at user agent strings. You have a pretty good list here to start with: http://useragentstring.com/pages/useragentstring.php
You don't need to block "all" browsers, just those that might be installed onto your systems, right? If that is corporate or whatever domained environment, you need to block several versions of IE explorer that preceed IE10, so you need to add five-six "OR" rules to a first example like that one with Chrome, and your agent lists need to have at least 7 characters. You can do that with blocking separately "MSIE\ 6\.", than "MSIE\ 5.", whatever - 7, 8, 4, 3 2. You have 7 characters there, "MSIE 6." but you are escaping blank space and dot with backspace.
Edit: I just re-read your last question 🙂
If you want to block just IE, you can do that with "atible;\ MSIE" - will do the trick to catch (m)any versions of IE. If not, see what you have and play with it.
You have somewhat technical document here: https://live.paloaltonetworks.com/t5/Documentation-Articles/Creating-Custom-Threat-Signatures/ta-p/58569 that describes all your possibilities for matching (you are specifically matching here a "http-req-headers" that is described in that document) and at the end of the document you can find an explanation on regular expressions that are used for pattern-match.
Best regards
Luciano
... View more