-- Search Engine Spider and User Agent Identification
---- casper bot search attempts to infect sites
incrediBILL - 7:21 pm on Jul 7, 2010 (gmt 0)
One may consider to block POST queries with a user agent as mentioned above (not: query strings)
The hits on my site aren't POSTS, they are GETS, so the query string is where I block the attack by actually restricting anything with "http:" in the query string to prevent anything from being uploaded since the rest of the attack vectors seem to be random.
Of course this will break some software/sites so I don't recommend it for everyone, but it stops it cold on my server.