diff --git a/build.sbt b/build.sbt
index 01ebd14..064bf92 100644
--- a/build.sbt
+++ b/build.sbt
@@ -62,7 +62,8 @@
   "org.mockito"                     %  "mockito-core"                 % "2.13.0"         % "test",
   "com.wix"                         %  "wix-embedded-mysql"           % "3.0.0"          % "test",
   "ru.yandex.qatools.embed"         %  "postgresql-embedded"          % "2.6"            % "test",
-  "net.i2p.crypto"                  % "eddsa"                         % "0.2.0"
+  "net.i2p.crypto"                  % "eddsa"                         % "0.2.0",
+  "is.tagomor.woothee"              % "woothee-java"                  % "1.7.0"
 )
 
 // Compiler settings
diff --git a/src/main/scala/gitbucket/core/controller/ControllerBase.scala b/src/main/scala/gitbucket/core/controller/ControllerBase.scala
index c8f9c1d..d7bde61 100644
--- a/src/main/scala/gitbucket/core/controller/ControllerBase.scala
+++ b/src/main/scala/gitbucket/core/controller/ControllerBase.scala
@@ -4,7 +4,7 @@
 
 import gitbucket.core.api.ApiError
 import gitbucket.core.model.Account
-import gitbucket.core.service.{AccountService, SystemSettingsService,RepositoryService}
+import gitbucket.core.service.{AccountService, RepositoryService, SystemSettingsService}
 import gitbucket.core.util.SyntaxSugars._
 import gitbucket.core.util.Directory._
 import gitbucket.core.util.Implicits._
@@ -17,9 +17,10 @@
 import javax.servlet.http.{HttpServletRequest, HttpServletResponse}
 import javax.servlet.{FilterChain, ServletRequest, ServletResponse}
 
+import is.tagomor.woothee.Classifier
+
 import scala.util.Try
 import net.coobird.thumbnailator.Thumbnails
-
 import org.eclipse.jgit.api.Git
 import org.eclipse.jgit.lib.ObjectId
 import org.eclipse.jgit.revwalk.RevCommit
@@ -113,12 +114,24 @@
       org.scalatra.NotFound(gitbucket.core.html.error("Not Found"))
     }
 
+  private def isBrowser(userAgent: String): Boolean = {
+    if(userAgent == null || userAgent.isEmpty){
+      false
+    } else {
+      val data = Classifier.parse(userAgent)
+      val category = data.get("category")
+      category == "pc" || category == "smartphone" || category == "mobilephone"
+    }
+  }
+
   protected def Unauthorized()(implicit context: Context) =
     if(request.hasAttribute(Keys.Request.Ajax)){
       org.scalatra.Unauthorized()
     } else if(request.hasAttribute(Keys.Request.APIv3)){
       contentType = formats("json")
       org.scalatra.Unauthorized(ApiError("Requires authentication"))
+    } else if(!isBrowser(request.getHeader("USER-AGENT"))){
+      org.scalatra.Unauthorized()
     } else {
       if(context.loginAccount.isDefined){
         org.scalatra.Unauthorized(redirect("/"))