Using proxies is not an indication of malicious intent -- For example, all AOL and many or all EarthLink subscribers connect through their ISP-provided proxy. So looking for the headers appended to requests by proxies (such as X_Forwarded_For and Via) is not terribly useful.

I'd suggest blocking the known proxy IP address ranges, and then looking at a 'behavioral' blocking approach for those that slip through that level of detection. Using captchas and such on your sign-up page is helpful.

Finally, re-think your forum posting policies and determine whether you might want to disallow some or all things that attract forum spammers: Disallow anonymous posting and posting signatures, URLs, and any HTML markup -- either completely, or until a certain post-count is reached.

It's a difficult problem, and only a small part of it can be addressed at the HTTP and server config levels.

Jim

The bad guys in my forum re-register to insult members and such. Their IP's start with different blocks, so no range can be blocked I guess.

I read your other post here:
[webmasterworld.com...]

I tried your code, but it blocked even me from accessing my website (403 error)

# BLOCK unsupported HTTP methods
RewriteCond %{REQUEST_METHOD} !^(GET¦HEAD¦OPTIONS¦POST¦TRACE)$
RewriteRule .* - [F]
# Bypass remaining code to allow HTTP-compliant OPTIONS and TRACE server responses
RewriteCond %{REQUEST_METHOD} ^(OPTIONS¦TRACE)$
RewriteRule .* - [L]
# Block attempts to use our server as a proxy, but allow absolute URIs
RewriteCond %{THE_REQUEST} ^(GET¦HEAD¦POST)\ /?http:// [NC]
RewriteCond %{THE_REQUEST} !^(GET¦HEAD¦POST)\ /?http://(www\.¦test\.)?MyDomain\.com/ [NC]
RewriteRule .* - [F]

WHy is it not working in my case? I can paste my whole htaccess if thats needed.

Two points:

First, that code stops your server from being used as an open proxy. This is useful if your host controls your configuration, and has left it open for use as a proxy. This code will not help with peopl eusing other machines as proxies to reach your server.

Second, I can see from your post that your browser uses a different character-set than the WebmasterWorld server, and it's likely that the code was corrupted when you copied it. The coipy you pasted above now looks corrupted to me. I see an uppercase accented "A"-with-a-circumflex (^) above it preceding each pipe character in the code, and the broken pipe "¦" characters posted here are always a problem: The broken pipe characters must be replaced (re-typed) with solid pipe characters before using any code you find posted here, because the WebmasterWorld server modifies those pipe characters.

Reviewing entire .htaccess files is well beyond the purview of this forum. We're all volunteers here, with limited time...

Again, look at what you can do to detect and discourage this problem *behaviorally*, since technical solutions are limited. Change your terms of service, and let it be know that no bad words are allowed. Then set a filter to immediately mark posts with bad words as being invisible to anyone except your admin, your mods, and the person who posted it. The result will be that no-one making a post with any bad word in it will ever get a reply.

That takes all the fun out of it, and they will either go away or quit. And it's hard to really insult anyone if you can't use bad words. You can even replace mildly-offensive words like "stupid" with "******" -- Your members will soon learn that it's no use being confrontational on your forum.

However, if your site is based upon using bad words or being confrontational, then the only solution is to hire more moderators (or get more volunteers) to enforce whatever your rules may be.

Jim

Thanks so much for your valuable suggestions. I'll start looking for a mod that can invisibly insulting posts. Brilliant idea!