Welcome to WebmasterWorld Guest from 220.127.116.11
First I tried blocking IP addresses but found this to be useless. If you block one IP address they just switch or use a proxy server.
The solution is to convert your html files to .shtml files. The first line of the .shtml file is an include of a PHP IP address counter script.
It only allows 100 page views per IP address each day. Obviously this causes problems for a small minority of users but I have used it for 12 months and no one steals my content now.
Just thought I'd share this.
i block by user agent using the global.asa ... session start
people can fake ua stings that is for sure but i also block by ip in the same way.
connect to a database in the global.asa check the UA against the 'blacklist' also check the ip against the blacklist.
populate the blacklist however you like
You can't block by User-Agent because they can easily be faked.
I don't think it hurts to include User-Agent blocking, to weed out the low hanging fruit of theives that are too dumb to mask their Wget or whatever tool they're using to download an entire site, and keep them from stealing those 100 pages a day under your IP count method.
It bans an IP if the number of accesses exceeds a certain amount over a specified time limit.
To speed up the process IPs are stored in a 2 to 4 digit hash so it may ban a few sites accidentally, especially on a busy site.