That looks OK, and I think it should work. The only things to look into are:

1) Capitalization of mod_access [httpd.apache.org] directives is incorrect.
2) Change remote-hostname-based disallows to IP-based disallows if at all possible.

#2 is because looking up these hostnames cause your server to have to issue a request to the DNS system for every request that it receives. If this DNS request hangs, then your server process thread hangs. So, the DNS request introduces a serious dependency of your server on another system and can affect reliability. These requests also slow your server down a lot -- they can easily double the response time of your pages.

I'd also like to note that this may simply be a misperception of what these Denys will do. They should cause your server to issue a 403-Access Forbidden response instead of returning the requested content. However, they may not keep the requests from being logged or appearing on your 'stats'.

Jim

jd:

Thanks for the tips. I checked with my host and it doesn't even allow name-based blocking, so I just erased those. I also changed the capitalization. Hopefully it helps.

I don't care if the address shows up in my logs, I just don't want it sucking my bandwidth dry. This stupid spambot cost me $160 in bandwidth overage charges last month.

It continually crawls the site and puts random words and phrases in forms before submitting them. It uses random browser IDs, but usually comes from Chinese and Indian IPs.

Let's hope what you suggested works!

please note the addition of trailing periods after Class B & C's. (These are necessary.

order allow,deny
deny from 59.62.171.
deny from 60.9.27.80
deny from 61.155.212.
deny from 61.170.203.
deny from 61.171.163.
deny from 61.173.208.
deny from 61.173.208.140
deny from 65.38.99.225
deny from 203.169.
deny from 203.196.
deny from 205.136.240.131
deny from 212.31.117.
deny from 218.87.199.
deny from 220.194.231
deny from 222.69.100.
deny from 222.181.
deny from 216.166.145.162
deny from 217.218.155.
deny from 219.117.248.155
allow from all

hi artefaqs!

I had almost the same problem with u time ago where bots used to fill in my forms and creating a mess on my pages...if it is only a 'forms' matter u can consider doing what I did and fixed the problem...
on each one of the forms u have u can add a simple script to create an image with a 6 digit number and a simple text box in order to let users insert the number they see in the image...these images with numbers are generated randomly every single time the form loads producing a new number for users...if the user fills in the correct number the form is submitted...if not then they get a nice error message instead...i use this thing for guestbooks, reviews, forums and stuff...and it works great...however, i dont know if this will solve the bandwidth issue...

hope it helps....if u need details just ask me

omoutop:
I think that's the only solution I'm going to find for this.
How do I check the capcha value without submitting the form first? Is it some kind of javascript? Can you point me to an example?

no, it is not jevascript, it is server side php...here is the demo:
[gitme.net...]

here to download:
[gitme.net...]

it is a very simple script...u will be able to import it in ur forms...
hope it helps...

I looked at the site you suggested, and that solution is not going to work.
The problem isn't the content of the form.
The problem is that the spambot can see the form at all.
Putting a captcha on a form like that does not stop the spambot from repeatedly filling out the form sucking up bandwidth.
What we need is a way to do a form so that people in browsers see it but the spambot does not.
Captcha doesn't do that.

wilderness:
Thanks for the advice. I had trailing periods on the non-complete IPs before and it didn't seem to work. Of course, there may have been some other problems.

But the Apache docs show it without the final period:
[httpd.apache.org...]

From the site:
A full IP address
Example: Allow from 10.1.2.3
An IP address of a host allowed access
A partial IP address
Example: Allow from 10.1
The first 1 to 3 bytes of an IP address, for subnet restriction.