diff --git a/src/main/java/com/bsmlab/dfx/agent/config/AccessFilter.java b/src/main/java/com/bsmlab/dfx/agent/config/AccessFilter.java
new file mode 100644
index 0000000..3158fd1
--- /dev/null
+++ b/src/main/java/com/bsmlab/dfx/agent/config/AccessFilter.java
@@ -0,0 +1,33 @@
+package com.bsmlab.dfx.agent.config;
+
+import jakarta.servlet.*;
+import jakarta.servlet.http.HttpServletRequest;
+import jakarta.servlet.http.HttpServletResponse;
+import org.springframework.stereotype.Component;
+
+import java.io.IOException;
+
+@Component
+public class AccessFilter implements Filter {
+    @Override
+    public void init(FilterConfig filterConfig) throws ServletException {
+        Filter.super.init(filterConfig);
+    }
+
+    @Override
+    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
+        HttpServletRequest request = (HttpServletRequest) servletRequest;
+        String userAgent = request.getHeader("User-Agent");
+        if(!(userAgent != null && (userAgent.contains("DFXAgent") || userAgent.contains("DFXConsole")))) {
+            HttpServletResponse response = (HttpServletResponse) servletResponse;
+            response.sendError(HttpServletResponse.SC_FORBIDDEN, "Forbidden");
+            return;
+        }
+        filterChain.doFilter(servletRequest, servletResponse);
+    }
+
+    @Override
+    public void destroy() {
+        Filter.super.destroy();
+    }
+}